Global positioning system spoofing countermeasures

ABSTRACT

Concepts and technologies directed to global positioning system spoofing countermeasures are disclosed. Embodiments can include a system that comprises a processor and a memory that stores computer-executable instructions that configure a processor to perform operations that include identifying a mobile transportation equipment that includes an electronic logging device and a low-power wide area device, where the electronic logging device obtains GPS location data from a GPS receiver unit and the low-power wide area device obtains independent location data via a narrow band path of a low-power wide area network. The operations can include determining that a spatio-temporal misalignment exists between the independent location data and the GPS location data for the mobile transportation equipment, and providing spatio-temporal data alignment. The operations can include determining that a GPS spoofing attack has occurred, and creating a GPS spoofing alert for the mobile transportation equipment.

BACKGROUND

Historically, a limited number of consumer devices were interacting withthe global positioning system (“GPS”) due to the cost of components. Inrecent years, the cost of deploying and utilizing GPS has decreased, andtherefore an increasing number of devices rely heavily on GPS fornavigation, time synchronization, location tracking, and otheroperations. In commercial implementations, GPS utilizes multiplesatellites that broadcast GPS navigation messages that includeinformation such as precise coordinates of the GPS satellite and time. Atarget GPS receiver can receive the various GPS signals from the GPSsatellites, and in turn the target GPS receiver can determine itscurrent location, altitude, velocity, and/or direction. In typicalinstances, the GPS signals provided by GPS satellites are considered tobe relatively weak. In an attempt to ensure continuous operation, targetGPS receivers may be configured by the manufacturer to lock-on to, orotherwise utilize, the strongest GPS signals that are available to thetarget GPS receiver.

A nefarious actor may exploit the relatively weak signals from the GPSsatellites by performing a GPS spoofing attack. A GPS spoofing attackrefers to the utilization of a GPS spoofing device that operates withinthe vicinity of the target GPS receiver to generate GPS spoofing signalsthat overpower the genuine GPS signals so that the target GPS receiverwill ignore or otherwise lose track of the genuine GPS signals, andinstead lock on to the stronger GPS spoofing signals. The target GPSreceiver may interpret the GPS spoofing signals as legitimate, authenticGPS satellite signals, and therefore determine or otherwise update thelocation, altitude, velocity, and/or direction of the target GPSreceiver based on the GPS spoofing signals. Moreover, the target GPSreceiver—along with any applications that derive location informationfrom the target GPS receiver—may be unaware that a GPS spoofing attackis occurring and/or has occurred. This can be because a GPS spoofingattack may be done stealthily by transmitting fake, nefarious GPSspoofing signals that are synchronized with the authentic GPS signal,which in turn can gradually overpower the original, authentic GPSsignals, thereby causing the target GPS receiver to lock onto the GPSspoofing signals. Nefarious actors may utilize off-the-shelf componentsand software applications to create GPS spoofing devices in order tostealthily manipulate GPS location information so as to create fakenavigation routes that are, or otherwise appear to be, consistent withactual roads and location markers, thereby furthering the opportunityfor GPS spoofing attacks to occur.

SUMMARY

The present disclosure is directed to global positioning system spoofingcountermeasures, according to various embodiments. According to oneaspect of the concepts and technologies disclosed herein, a system isdisclosed. In some embodiments, the system can include or otherwise beprovided by one or more instances of a network server or other computingsystem of a network. The system can be communicatively coupled to anetwork, a radio access network, a low-power wide area network, or thelike. In some embodiments, the system can include a processor and amemory. The memory can store computer-executable instructions that, inresponse to execution by the processor, cause the processor to performoperations. In some embodiments, the operations can include identifyinga mobile transportation equipment comprising an electronic loggingdevice and a low-power wide area device, where the electronic loggingdevice obtains GPS location data from a GPS receiver unit and thelow-power wide area device obtains independent location data via anarrow band path of a low-power wide area network. The independentlocation data can include mobile terminal location response data that isjoined to local data sensor measurements. The electronic logging devicecan maintain an hours of service record that tracks movement of themobile transportation equipment based on the GPS location data.

The operations can further include determining that a spatio-temporalmisalignment exists between the independent location data and the GPSlocation data for the mobile transportation equipment. The operationscan further include providing spatio-temporal data alignment thatgenerates electronic logging device estimates and low-power wide areadevice estimates. The operations can further include determining that aGPS spoofing attack has occurred based on the electronic logging deviceestimates and the low-power wide area device estimates. The operationscan further include creating a GPS spoofing alert for the mobiletransportation equipment. In some embodiments, the operations canfurther include detecting that an off-duty driving mode was activated onthe mobile transportation equipment, and obtaining a locationobfuscation constraint parameter that defines an allowable deviationdistance for the mobile transportation equipment. In some embodiments,in response to determining that a deviation distance exceeds theallowable deviation distance provided by the obfuscation constrainparameter, the operations can include generating corrected route datarepresenting an actual location of the mobile transportation equipmentduring the spoofing attack. In some embodiments, in response todetermining that a deviation distance does not exceed the allowabledeviation distance provided by the location obfuscation constraintparameter, the operations can include withholding the GPS spoofing alertfrom being provided to the electronic logging device until the deviationdistance exceeds the allowable deviation distance. In some embodiments,the operations can include generating an hours of service correctioncommand that includes the GPS spoofing alert, where the hours of servicecorrection command instructs the electronic logging device to update anhours of service log with corrected route data and spoofing timeidentifiers corresponding to the spoofing attack.

According to another aspect of the concepts and technologies disclosedherein, a method is disclosed according to an embodiment. In variousembodiments, the method can include identifying, by a network serverexecuting a processor, a mobile transportation equipment comprising anelectronic logging device and a low-power wide area device, where theelectronic logging device obtains GPS location data from a GPS receiverunit and the low-power wide area device obtains independent locationdata via a narrow band path of a low-power wide area network. Theindependent location data can include mobile terminal location responsedata that is joined to local data sensor measurements. The electroniclogging device can maintain an hours of service record that tracksmovement of the mobile transportation equipment based on the GPSlocation data.

The method can further include determining, by the network server, thata spatio-temporal misalignment exists between the independent locationdata and the GPS location data for the mobile transportation equipment.The method can further include providing, by the network server,spatio-temporal data alignment that generates electronic logging deviceestimates and low-power wide area device estimates. The method can alsoinclude determining, by the network server, that a GPS spoofing attackhas occurred based on the electronic logging device estimates and thelow-power wide area device estimates. The method can also includecreating, by the network server, a GPS spoofing alert for the mobiletransportation equipment. In some embodiments, the method can furtherinclude detecting, by the network server, that an off-duty driving modewas activated on the mobile transportation equipment, and obtaining alocation obfuscation constraint parameter that defines an allowabledeviation distance for the mobile transportation equipment. In someembodiments, in response to determining that a deviation distanceexceeds the allowable deviation distance provided by the locationobfuscation constraint parameter, the method can include generating, bythe network server, corrected route data representing an actual locationof the mobile transportation equipment during the spoofing attack. Insome embodiments, in response to determining that a deviation distancedoes not exceed the allowable deviation distance provided by thelocation obfuscation constraint parameter, the method can includewithholding, by the network server, the GPS spoofing alert from beingprovided to the electronic logging device until the deviation distanceexceeds the allowable deviation distance. In some embodiments, themethod can include generating, by the network server, an hours ofservice correction command that includes the GPS spoofing alert, wherethe hours of service correction command instructs the electronic loggingdevice to update an hours of service log with corrected route data andspoofing time identifiers corresponding to the spoofing attack.

According to another aspect of the concepts and technologies disclosedherein, a computer storage medium is disclosed according to anembodiment. The computer storage medium can have computer-executableinstructions stored thereon that, in response to execution by aprocessor of a system, cause the processor to perform operations. Insome embodiments, the operations can include identifying a mobiletransportation equipment comprising an electronic logging device and alow-power wide area device, where the electronic logging device obtainsGPS location data from a GPS receiver unit and the low-power wide areadevice obtains independent location data via a narrow band path of alow-power wide area network. The independent location data can includemobile terminal location response data that is joined to local datasensor measurements. The electronic logging device can maintain an hoursof service record that tracks movement of the mobile transportationequipment based on the GPS location data.

The operations can further include determining that a spatio-temporalmisalignment exists between the independent location data and the GPSlocation data for the mobile transportation equipment. The operationscan further include providing spatio-temporal data alignment thatgenerates electronic logging device estimates and low-power wide areadevice estimates. The operations can further include determining that aGPS spoofing attack has occurred based on the electronic logging deviceestimates and the low-power wide area device estimates. The operationscan further include creating a GPS spoofing alert for the mobiletransportation equipment. In some embodiments, the operations canfurther include detecting that an off-duty driving mode was activated onthe mobile transportation equipment, and obtaining a locationobfuscation constraint parameter that defines an allowable deviationdistance for the mobile transportation equipment. In some embodiments,in response to determining that a deviation distance exceeds theallowable deviation distance provided by the obfuscation constrainparameter, the operations can include generating corrected route datarepresenting an actual location of the mobile transportation equipmentduring the spoofing attack. In some embodiments, in response todetermining that a deviation distance does not exceed the allowabledeviation distance provided by the obfuscation constrain parameter, theoperations can include withholding the GPS spoofing alert from beingprovided to the electronic logging device until the deviation distanceexceeds the allowable deviation distance. In some embodiments, theoperations can include generating an hours of service correction commandthat includes the GPS spoofing alert, where the hours of servicecorrection command instructs the electronic logging device to update anhours of service log with corrected route data and spoofing timeidentifiers corresponding to the spoofing attack.

It should be appreciated that the above-described subject matter may beimplemented as a computer-controlled apparatus, a computer process, acomputing system, a method, or as an article of manufacture such as acomputer storage medium. These and various other features will beapparent from a reading of the following Detailed Description and areview of the associated drawings.

This Summary is provided to introduce a selection of concepts in asimplified form that are further described below in the DetailedDescription. This Summary is not intended to identify key features oressential features of the claimed subject matter, nor is it intendedthat this Summary be used to limit the scope of the claimed subjectmatter. Furthermore, the claimed subject matter is not limited toimplementations that solve any or all disadvantages noted in any part ofthis disclosure.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating an example operating environmentfor implementing global positioning system spoofing countermeasures,according to an illustrative embodiment.

FIG. 2 is a block diagram illustrating aspects of providingspatio-temporal data alignment, according to various embodimentsdisclosed herein.

FIGS. 3A and 3B provide a flow diagram illustrating aspects of a methodfor global positioning system spoofing countermeasures, according to anillustrative embodiment.

FIG. 4A is a flow diagram illustrating aspects of a method for providingspatio-temporal data alignment, according to an illustrative embodiment.

FIG. 4B is a flow diagram illustrating aspects of another method forglobal positioning system spoofing counter measures, according toanother illustrative embodiment.

FIG. 5 is a diagram illustrating an example network capable ofimplementing aspects of the embodiments discussed herein.

FIG. 6 is a block diagram illustrating an example computer systemcapable of implementing aspects of the embodiments presented anddescribed herein.

FIG. 7 is a diagram illustrating an example user equipment capable ofimplementing aspects of the concepts and technologies described hereinaccording to embodiments of the present disclosure.

DETAILED DESCRIPTION

The following detailed description is directed to global positioningsystem spoofing countermeasures, according to various embodiments.Business policies, industry standards, and government regulations havebecome a driving force in ensuring that vehicles and othertransportation equipment are operated in a safe manner. In the productshipping industry, various government regulations may dictate how long apiece of equipment is allowed to be in use during a specific timeinterval, and thus mandatory periods of rest (i.e., non-movement) may berequired. For example, the driver of a tractor-trailer or other MobileTransportation Equipment (“MTE”) may be mandated by law to take restbreaks during scheduled intervals, and thus the correspondingtransportation vehicle and/or equipment is expected not to move whilethe driver is on-duty (i.e., performing duties to fulfil a requiredobligation of moving equipment and/or cargo). Public safety can bepromoted by ensuring that the driver is adequately alert and focused forensuring proper delivery and/or operation of transportation equipment,and thus some vehicles and/or other transportation equipment may besubject to government regulations, such as and Electronic Logging DeviceMandate from the United States Federal Motor Carrier SafetyAdministration (“FMCSA”). To comply with various regulations, instancesof an MTE may implement, or otherwise be outfitted with, an ElectronicLogging Device (“ELD”) that tracks, monitors, and/or otherwise generatesa record of movement for the corresponding MTE at designated timeintervals. In some embodiments, instances of an ELD may be required toprovide an electronic Hours of Service (“HOS”) record that includesinstances of data that provides the location and velocity of the MTE fora particular time instance and/or interval. Instances of an ELD caninclude a GPS receiver unit that receives authentic GPS signals, whichin turn are used to generate GPS-based location data that can beinstantiated or otherwise recorded in the HOS record, thereby providinga log of location and/or velocity at an indicated time. Instances of anELD are designed with the intent to be tamper-proof, specifically toprevent falsification of the GPS-based data within the HOS record thatindicates the location, velocity, and/or time of operation of an MTE.

In various industries, an on-time and/or early arrival of products canbe financially advantageous for one or more persons and/or entities. Assuch, some nefarious actors may seek to thwart government regulations byimplementing a GPS spoofing attack, which attempts to manipulate orotherwise falsify data within the HOS record of an ELD, therebypotentially allowing an MTE to travel farther and/or faster than allowedby regulation without the unauthorized movement being recorded orotherwise logged by the ELD. Specifically, some nefarious actors mayseek to implement or otherwise trigger a GPS spoofing attack via the useof a GPS spoofing device to generate GPS spoofing signals that providefalse or otherwise inaccurate data to another device (e.g., an ELD of anMTE) that is within proximity of the GPS spoofing device and that iscapable of receiving the GPS spoofing signals. A GPS spoofing device caninclude a transceiver that is configured to generate GPS spoofingsignals at the same and/or similar frequency as authentic GPS signalsprovided by GPS satellites, but the GPS spoofing signals are transmittedat a higher transmitting power than the authentic GPS signals. In someimplementations, the GPS spoofing device is configured to synchronizetransmission of the GPS spoofing signals with the authentic GPS signalsso as to mimic transmission operations of the GPS satellites, and thusin turn can cause a GPS spoofing attack to occur in a manner that isstealthy, that is not immediately detected by the ELD. As such, the GPSspoofing signals override or otherwise over-power the authentic GPSsignals, thereby causing a receiving device (e.g., the GPS receiver unitof the ELD) to lock onto (i.e., redirect operations of the ELD so as touse the GPS signals transmitted at a higher power, which in thisscenario would be the GPS spoofing signals) and analyze the GPS spoofingsignals instead of the authentic GPS signals, and thus use whatever datais provided by the GPS spoofing device instead of data provided byauthentic GPS signals from the GPS satellites. Therefore, a GPS spoofingdevice can attempt to manipulate or otherwise provide false GPSmeasurements and location information to one or more receiving devicesand/or applications without physically tampering with the layout and/orconfiguration of the ELD.

Some traditional attempts to detect GPS spoofing attacks (i.e., detectwhen GPS spoofing signals are being received instead of authentic GPSsignals) may include analyzing the GPS spoofing signal (and/or potentialreceipt of GPS spoofing signals) on the local receiving device while theGPS spoofing signal is being received on the local receiving device. Yetreal-time signal processing on the local receiving device can be complexand demanding on computing resources, thereby causing an increased powerdrain, increased processor utilization, and decreased memoryavailability. In turn, the local device (e.g., an ELD) would have to bereconfigured with expensive components to handle the real-time, localsignal processing, and thus may be impractical or otherwise not befeasible for large-scale, mass market deployment. Additionally, anyGPS-receiving device that is within operating proximity of the GPSspoofing device (i.e., within transmission range of the GPS spoofingdevice) may also be affected by the GPS spoofing signals, and thus anyGPS-based location information (which was generated from a device withinproximity of the GPS spoofing device) may be inaccurate, incomplete,and/or infeasible to derive because the authentic GPS signals are beingoverpowered by the GPS spoofing device.

As such, embodiments of the present disclosure provide a Low-Power WideArea (“LPWA”) device that lacks a GPS receiver unit, and thus does nothave GPS capability (i.e., does not have the ability to receive GPSsignals, whether authentic or spoofing). The LPWA device can beconfigured as a cellular Internet of Things device that conforms to oneor more Low-Power Wide Area Network radio protocols, which are discussedbelow in further detail. The LPWA device can use a narrow bandcommunication path to request and obtain non-GPS-based locationinformation from nodes of the cellular network. The LPWA device can alsoinclude a local device sensor that is configured as a barometric sensorand/or an altimeter. The LPWA device can use the local device sensor toobtain altitude measurements and data that is not based on GPS signals.The local device sensor and the non-GPS-based location information canform instances of independent location information. Yet because the LPWAdevice may be configured with a lower sampling rate than the samplingrate of the GPS receiver unit in the ELD, non-GPS-based locationinformation is obtained less frequently than the GPS location dataprovided by the ELD. As a result, the independent location informationmay exhibit spatio-temporal misalignment. Aspects of the presentdisclosure can provide a GPS spoofing detection service that correctsthe spatio-temporal misalignment and generates time-aligned estimates oflocation and velocity for the LPWA device, thereby allowing the GPSspoofing detection service to compare GPS-based location informationwith non-GPS-based location information. If the estimated location ofthe ELD deviates from the estimated location of the LPWA device beyondan allowable amount (where the allowable amount may be determined basedon operations that provide statistical decisions and iterativehypothesis testing), then the GPS spoofing detection service canindicate that a GPS spoofing attack has occurred.

The GPS spoofing detection service can comply with various governmentalprivacy regulations by allowing for a deviation to occur within adefined amount when an MTE is operating or otherwise used for personalconveyance, such as when in an off-duty driving mode. By this, alocation record may be obfuscated when the off-duty driving mode isactivated while the MTE operates within the allowable deviation amount.In instances where the MTE is on-duty and/or the allowable deviationamount is exceeded, then the GPS spoofing detection service can generatecorrect location information so that corrected route data can beprovided to the ELD. The GPS spoofing detection service can update alocation data record for the MTE on the network, and in someembodiments, may send a message to the MTE to update or otherwise recordthat a GPS spoofing attack has occurred, such as via an update to theHOS record of the ELD. Therefore, the concepts and technologies of thepresent disclosure can provide non-GPS-based mechanisms for detecting aGPS spoofing attack in a manner that allows an ELD to accurately trackthe movement of the MTE while in the presence of a GPS spoofing device,thereby improving functionality of the ELD and maintaining operationalsecurity via the use of the LPWA device. These and other aspects of theconcepts and technologies disclosed herein will be illustrated anddescribed in more detail below.

While some of the subject matter described herein may occasionally bepresented in the general context of program modules that execute inconjunction with the execution of an operating system and applicationprograms on a computer system, those skilled in the art will recognizethat other implementations may be performed in combination with othertypes of program modules. Generally, program modules include routines,programs, components, data structures, and other types of structuresthat perform particular tasks or implement particular abstract datatypes in response to execution on a processor so as to transform theprocessor into a particular machine. Moreover, those skilled in the artwill appreciate that the subject matter described herein may bepracticed with other computer system configurations, including hand-helddevices, vehicle computer systems, network access nodes, networkservers, multiprocessor systems, microprocessor-based or programmableconsumer electronics, minicomputers, mainframe computers, and otherparticularized, non-generic machines.

Referring now to FIG. 1, aspects of an operating environment 100 forimplementing various embodiments of the concepts and technologiesdisclosed herein for global positioning system spoofing countermeasureswill be disclosed, according to an illustrative embodiment. It should beunderstood that the operating environment 100 and the various componentsthereof have been illustrated for clarity purposes to simplify themanner of discussion. Accordingly, additional and/or alternatecomponents can be made available or otherwise implemented within theoperating environment 100 without departing from the embodimentsdescribed herein. As such, the manner of discussion is provided suchthat one of ordinary skill in the technology can implement one or moreembodiments described herein.

The operating environment 100 shown in FIG. 1 includes a GlobalPositioning System (“GPS”) 102, a GPS spoofing device 108, a MobileTransportation Equipment (“MTE”), such as an MTE 110, a communicationsnetwork (“network”) 150, a Low-Power Wide Area network (“LPWAN”) 152, aradio access network (“RAN”) 154, a network access point 156, a MobilityManagement Entity (“MME”) 160, a Gateway Mobile Location Center (“GMLC”)162, and a network server 170. The number of instances shown in FIG. 1is for illustration purposes only and should not be construed aslimiting in any way. Therefore, it is understood that zero, one, two, ormore instances of each of the components shown in FIG. 1 may be providedin various embodiments.

In the operating environment shown in FIG. 1, the GPS 102 can include aplurality of GPS satellites, such as GPS satellites 104A-N. Each of theGPS satellites 104A-N can orbit around the earth and can be configuredto generate, transmit, and provide an authentic GPS signal, such as anyof the authentic GPS signals 106A-N, to any device that is within anarea of coverage and capable of receiving the authentic GPS signals106A-N. The instances of the authentic GPS signals 106A-N can be used byvarious GPS-based receiving devices to determine where the GPS-basedreceiving device is located. As such, in various embodiments, theauthentic GPS signals 106A-N can provide accurate location data in theform of one or more instance of GPS measurements, such as GPSmeasurements 138. A GPS receiver unit (e.g., GPS receiver unit 131discussed below) can receive messages (sent from the GPS satellites104A-N) that include the GPS measurements 138 in the format of data setsthat enable the GPS receiver unit 131 to derive or otherwise determinethe location of the sending GPS satellite and time provided by thesending GPS satellite, which in turn can cause the GPS receiver unit 131to estimate or otherwise determine its own location (i.e., a location ofan ELD 130, which is used for the location of the MTE 110) and anylocation uncertainty values. The GPS measurements 138 can include datafor latitude, longitude, altitude, a time stamp, uncertainty values forhorizontal distances (e.g., measured in meters), uncertainty values forvertical distance, such as altitude (e.g., measured in meters), aconfidence level for horizontal distances (i.e., percentage confidencelevel of the return position estimate), and/or a confidence level forvertical distance, such as for altitude distances.

The authentic GPS signals 106A-N can be used to determine an actuallocation 192 of the device receiving the authentic GPS signals 106A-N,such as an instance of an ELD 130 of the MTE 110. Therefore, an instanceof the GPS measurements 138 can correspond with (or otherwise represent)the actual location 192 when the GPS measurements 138 are calculated orotherwise determined using only the authentic GPS signals 106A-N. Asdiscussed in further detail below, an instance of the GPS measurements138 can correspond with (or otherwise represent) a spoofed location(i.e., a location that is deliberately false, incorrect, or otherwisemisleading and thus not the actual location 192), such as a spoofedlocation 107A, when the GPS measurements 138 are calculated or otherwisedetermined using one or more GPS spoofing signals, such as any of GPSspoofing signals 109A-N.

In some embodiments, the operating environment 100 can include one ormore instances of the GPS spoofing device 108. The GPS spoofing device108 can be configured so as to cause or otherwise implement a GPSspoofing attack, such as a GPS spoofing attack 107. A GPS spoofingattack 107 occurs when the GPS spoofing device 108 transmits one or moreGPS spoofing signals 109A-N having false or otherwise inaccurateinformation so that a spoofed location 107A is reported and/or recordedby a receiving device (e.g., the ELD 130 of the MTE 110) instead of theactual location 192, thereby causing the ELD 130 to record informationthat appears as though the MTE 110 was at the spoofed location 107A,when in reality the MTE 110 was at the actual location 192. The spoofedlocation 107A refers to or otherwise represents a geographic locationthat is intentionally inaccurate or otherwise a deliberatemisrepresentation of the actual location 192 of the correspondingreceiving device (e.g., the ELD 130 and/or the MTE 110). The GPSspoofing device 108 can include any device that is configured to operatein a manner that causes (or attempts to cause) an instance of the GPSspoofing attack 107. For example, the GPS spoofing device 108 caninclude circuitry and a transmitter that is configured to generate theGPS spoofing signals 109A-N that provide data representing the spoofedlocation 107A.

In various embodiments, the GPS spoofing signals 109A-N may beconfigured at least similar to the authentic GPS signals 106A-N suchthat the ELD 130 may not recognize that the GPS spoofing signals 109A-Nare being transmitted from the GPS spoofing device 108 instead of theGPS satellites 104A-N. For example, the GPS spoofing device 108 can beconfigured to transmit the GPS spoofing signals 109A-N on a channel thatis used by one or more of the GPS satellites 104A-N (i.e., at afrequency that may be at least similar to and/or the same as theauthentic GPS signals 106A-N transmitted by one or more of the GPSsatellites 104A-N). The GPS spoofing signals 109A-N are transmitted at ahigher power than the authentic GPS signals 106A-N, and thereforeamplitude of the GPS spoofing signals 109A-N may be higher relative tothe amplitude of the authentic GPS signals 106A-N. In variousembodiments, the GPS spoofing signals 109A-N may affect any receivingdevice (capable of receive GPS signals) that is within transmissionrange of the GPS spoofing device 108.

In various embodiments, the ELD 130 may be configured to mitigatepotential interruptions in location tracking by using the incoming GPSsignals that have the highest signal strength. The GPS spoofing device108 transmits the GPS spoofing signals 109A-N at a higher power than theauthentic GPS signals 106A-N transmitted by the GPS satellites 104A-N.As such, the GPS spoofing signals 109A-N will be interpreted by the ELD130 as having a higher signal strength than the authentic GPS signals106A-N. Therefore, the ELD 130 may use the GPS spoofing signals 109A-Ninstead of the authentic GPS signals 106A-N. The GPS spoofing device 108can configure one or more of the GPS spoofing signals 109A-N such thatan instance of the GPS measurements 138 recorded by the ELD 130represents inaccurate or otherwise false measurements (e.g., alternatelatitude, alternate longitude, alternate altitude, alternate time stamp,alternate uncertainty values, alternate confidence levels, etc.).Therefore, when an instance of the GPS measurements 138 is recorded bythe ELD 130 based on one or more of the GPS spoofing signals 109A-N,that instance of the GPS measurements 138 can represent or otherwisecorrespond to the spoofed location 107A instead of the actual location192 of the MTE 110.

The operating environment 100 can include one or more instance of theMTE 110. In some embodiments, instances of the MTE 110 can be configuredas equipment that enables the transportation of persons and/or property,such as but not limited to, one or more of a ground-based vehicle thatis capable of receiving GPS signals and is capable of communicating withthe LPWAN 152 (e.g., a car, a truck, a van, a limousine, a railroad carand/or locomotive, a bus, a semi-trailer truck, a trailer, a trucktrailer, cargo shipping containers, snow-capable vehicles, earth-movingequipment, farming/agriculture equipment, a motorcycle, a tricycle, orany other ground-based vehicle that is subject to a mandate orregulation to provide electronic logging), an air-based vehicle that iscapable of receiving GPS signals and is capable of communicating withthe LPWAN 152 (e.g., an unmanned aircraft vehicle, a remote-controlledvehicle, and/or any other flying vehicle that is configured to receiveGPS signals and communicate with a low-power wide area network), a userequipment (e.g., a smart phone, a tablet, a laptop, a component of asmart home such as a smart appliance, and/or any other user equipmentthat is configured to receive GPS signals and capable of communicatingwith a low-power wide area network), and/or any other device that isconfigured with an instance of the ELD 130 that can receive GPS signalsfor location determination. In some embodiments, an instance of the MTE110 can include vehicle components for mechanical and/or electricalfunctions (e.g., engine, drivetrain, electrical system, etc.), a vehicleprocessor, a vehicle memory, a vehicle firmware, a vehicle operatingsystem and/or safety system, an electronic control unit, one or morevehicle software applications, a display device, an input/outputcomponent, a vehicle wireless communications component (e.g., radiocomponents), an instance of a vehicle communication interface (e.g., toimplement a vehicle-to-everything communication scheme), and/or othermechanical, electrical, and/or hydraulic components that facilitatefunction of the MTE 110.

In various embodiments, an instance of the MTE 110 can include aprocessor 111, a memory 112, a head unit 114, a telematics control unit(“TCU”) 116, a low-power wide area device (“LPWA device”) 120, and anelectronic logging device (“ELD”), such as the ELD 130. The processor111 can include one or more instance of a processing unit and/orprocessing circuitry. In various embodiments, an instance of theprocessor 111 can be configured at least similar and/or identical to aninstance of a processing unit discussed below with respect to FIG. 6. Invarious embodiments, an instance of the memory 112 can include one ormore instance of a data storage device. In some embodiments, the memory112 can include volatile and/or non-volatile memory implemented in anymethod or technology for storage of information, where the informationcan be configured in a form such as computer-executable instructions,data structures, software program modules, or other data disclosedherein. It is understood that, in the claims use of the term “memory”and “computer storage medium” and variations thereof does not include,and shall not be construed to include, a wave or a signal per se and/orcommunication media. The memory 112 can be configured substantiallysimilar to memory discussed further below with respect to FIG. 6. Itshould be understood that the examples provided are for illustrationpurposes only, and therefore should not be construed as limiting in anyway.

In various embodiments, an instance of the MTE 110 can be identified orotherwise correspond to an equipment identifier, such as an MTEidentifier 113. In some embodiments, the MTE identifier 113 may beassigned and/or correspond to one or more components of the MTE 110,such as the ELD 130 and/or the LPWA device 120. By this, the variousnetwork devices (e.g., the network server 170) and/or services of theoperating environment 100 may determine an identity of the MTE 110and/or corresponding components (e.g., the LPWA device 120 and/or theELD 130) based on the MTE identifier 113. As such, in some embodiments,messages, requests, responses, and/or communications to and/or from theMTE 110 may include an instance of the MTE identifier 113 for use inidentification purposes. Examples of the MTE identifier 113 can include,but are not limited to, a serial number, an International MobileSubscriber Identifier (“IMSI”), a Mobile Equipment Identifier (“MEID”),a telephone number, a vehicle identification number (“VIN”), an InternetProtocol address, a profile number, an address, a user-name, or one ormore strings indicating a unique identity of the MTE 110 and/or anycomponent associated therewith (e.g., the LPWA device 120 and/or the ELD130). It should be understood that the examples provided are forillustration purposes only, and therefore should not be construed aslimiting in any way.

In various embodiments, an instance of the MTE 110 can include aninstance of the head unit 114. The head unit 114 can include one or moreinstances of a processor, memory, circuitry, and/or a display device forpresenting a user interface that can provide visual images and/oraudiovisual input and output. The head unit 114 also can include (and/orbe communicatively coupled to) input and output components that provideaudio input/output (e.g., via one or more speakers and/or microphones)and receive input and/or provide output to/from a user (e.g., via atouchscreen of the display device, a projector, visual indicators,buttons, switches, haptic feedback units, etc.). In some embodiments,the head unit 114 can be configured to include a heads-up display, avehicle information display, a console display, blind spot alertmechanisms, a projector, a combination thereof, or any other audio,visual, and/or haptic feedback mechanism that can communicate or conveyinformation to a user associated with the MTE 110 and/or a componenttherein (e.g., the LPWA device 120 and/or the ELD 130). In someembodiments, information and data pertaining to the current and/orprevious location of the MTE 110 can be provided or otherwise presentedto a user via the head unit 114 through visual presentation and/or audiopresentation via one or more user interface. In some embodiments, thehead unit 114 can be fixed within the MTE 110 and/or be configured as aremoveable device. In some embodiments, the head unit 114 can compriseone or more components of the MTE 110 (e.g., the LPWA device 120 and/orthe ELD 130), and thus in some embodiments, one or more components ofthe MTE 110 may share a housing with the head unit 114. It should beunderstood that the examples provided are for illustration purposesonly, and therefore should not be construed as limiting in any way.

In various embodiments, aspects of the present disclosure can providetracking obfuscation using dynamic, scalable location accuracy duringthe presence of a GPS spoofing attack (discussed in further detailbelow) so as to mitigate driver harassment and promote privacyprotection, thereby complying with requirements of a regulatory entity,such as but not limited to an ELD mandate from the FMCSA. For example,in various embodiments, a component of the MTE 110 (e.g., the head unit114 and/or the ELD 130) can provide a user interface that enables a user(e.g., a driver of the MTE 110) to select (or otherwise provide inputcorresponding to) one or more operating modes, such as but not limitedto, an active driving mode 115A and/or an off-duty driving mode 115B. Insome embodiments, while the MTE 110 is being used for personalconveyance (e.g., while the driver of the MTE 110 is off-duty and isusing the MTE 110 for personal use), a regulatory mandate may requirethat the precision of tracking the location of the MTE 110 must decreaseor otherwise be obfuscated so that the precise location of the MTE 110is tracked, logged, or otherwise recorded according to a broader area,such as by the location of the MTE 110 being recorded as being within adefined amount (e.g., a ten miles radius) from the actual location ofthe equipment being tracked (e.g., the MTE 110). The defined amountwhich the precision should be decreased can be defined by a locationobstruction constraint parameter (“LOCP”), such as an LOCP 189. Forexample, in some embodiments, when the active driving mode 115A isactivated, the precision for location tracking and/or logging may bewithin one foot of the actual location 192 of the MTE 110, but when theoff-duty driving mode 115B is activated, the precision for locationtracking and/or logging may decrease as defined by the LOCP 189, such aswithin ten miles of the actual location 192 of the MTE 110. It isunderstood that a decrease in precision yields an increase in thegeneralization of the location reported. Therefore, in variousembodiments, each of the active driving mode 115A and the off-dutydriving mode 115B can trigger one or more operations and/orconfigurations that can affect how an instance of the ELD 130 recordsmovement and location data regarding the position, velocity, and/or timewhich the MTE 110 is being used. The driver (or another user)corresponding to the MTE 110 can indicate when the MTE 110 is being usedfor personal conveyance (and/or to otherwise to indicate that the MTE110 is no longer on-duty and thus the MTE 110 is not being used in anofficial capacity) by selecting or otherwise activating the off-dutydriving mode 115B. When the active driving mode 115A is activated (andthus the MTE 110 is on-duty), location tracking and logging should occurwithout tracking precision constraints (i.e., without applying the LOCP189). When the off-duty driving mode 115B is activated (and thus the MTE110 is not in use and/or being used for personal conveyance), the LOCP189 may be applied to location data, which in turn can cause the ELD 130to track or otherwise report the location of the MTE 110 with lessprecision than normal (i.e., less precision than when in active drivingmode 115A), such as according to the distance amount defined by the LOCP189 (e.g., recording the location according to a 10 mile radius insteadof within a normal one foot radius of the actual location 192). Itshould be understood that the examples provided are for illustrationpurposes only, and therefore should not be construed as limiting in anyway.

In some embodiments, an instance of the MTE 110 can include a telematicscontrol unit (“TCU”), such as the TCU 116. The TCU 116 can includecommunication components and circuitry that provide and supportcommunicative coupling with other devices and/or networks, such as butnot limited to, the network 150, the LPWAN 152, the RAN 154, the MME160, the GMLC 162, and/or the network server 170. In some embodiments,the TCU 116 can send, receive, and/or control communication flow to/fromthe head unit 114 and/or another component of the MTE 110, although thismay not necessarily be the case. In some embodiments, the TCU 116 mayinclude, or otherwise communicate with, an instance of the ELD 130. Assuch, in some embodiments, the TCU 116 may be capable of receiving GPSsignals (e.g., the authentic GPS signals 106A-N and/or the GPS spoofingsignals 109A-N). In some embodiments, the TCU 116 can provide a wirelessinterface for mobile communication (e.g., GSM, GPRS, Wi-Fi, WiMax, 2G,3G, 4G, LTE, 5G NR, etc.) to provide communicative coupling or otherwiseenable and facilitate communication with the RAN 154 and/or the network150. In some embodiments, the TCU 116 can indicate an amount of cellularsignal strength, available network connections, and other informationpertaining to communication to/from and/or network location of the MTE110. In some embodiments, information provided by the TCU 116 can bepresented to a user via the head unit 114. The TCU 116 can expose one ormore network communication interfaces that provide cellularcommunication paths to a network access point, such as a communicationpath 2 (which may be a broad-band path) between the network access point156 and the MTE 110. It should be understood that the examples providedare for illustration purposes only, and therefore should not beconstrued as limiting in any way.

In various embodiments, the operating environment 100 can include aninstance of the ELD 130. The ELD 130 can, in some embodiments, beincluded in, or otherwise correspond to, an instance of the MTE 110. Insome embodiments, the ELD 130 is activated and can provide locationtracking whenever the MTE 110 is powered on and/or can be integrallysynchronized with the engine (or other motor) of the MTE 110. The ELD130 can be configured to provide hour of service recordation andlocation tracking so as to conform to a regulatory mandate, such as amandate, rule, and/or requirement from a government agency. The ELD 130can include a GPS receiver unit, such as a GPS receiver unit 131. TheGPS receiver unit 131 refers to any device that is capable of receivingGPS signals (e.g., any of the authentic GPS signals 106A-N and/or theGPS spoofing signals 109A-N). The GPS receiver unit 131 can include aprocessor, a memory, and/or circuitry that enables determination as tothe current location of the ELD 130. Therefore, when the ELD 130 isincluded in and/or traveling with the MTE 110, the ELD 130 can serve todetermine, track, and record the current location of the MTE 110. Invarious embodiments, when the GPS receiver unit 131 receives andanalyzes GPS signals (e.g., any of the authentic GPS signals 106A-Nand/or the GPS spoofing signals 109A-N), one or more instances of GPSmeasurements 138 can be determined and recorded during a defined timeinstance, which is based on a sampling rate 132 of the GPS receiver unit131. For example, in some embodiments, the sampling rate 132 mayindicate that an instance of the GPS measurements 138 are determinedevery 500 milliseconds.

In various embodiments, an instance of the GPS measurements 138 for aparticular time instance can be formatted and stored as an instance ofGPS location data, such as GPS location data 136A-N. The GPS locationdata 136A-N includes instances of the GPS measurements 138, andtherefore includes data discussed above with respect to the GPSmeasurement 138. In various embodiments, one or more of the instances ofthe GPS location data 136A-N can pertain or otherwise reflectinformation about the spoofed location 107A based on an instance of theGPS measurements 138 being received from the GPS spoofing device 108 viathe GPS spoofing signals 109A-N. In various embodiments, one or more ofthe instances of the GPS location data 136A-N can pertain or otherwisereflect information about the actual location 192 of the MTE 110 basedon an instance of the GPS measurements 138 being received from the GPSsatellites 104A-N. The GPS location data 136A-N can be stored orotherwise recorded in an Hours of Service (“HOS”) record, such as an HOSrecord 134. In some embodiments, the HOS record may be referred to as anHOS log. The HOS record 134 can indicate or otherwise provide a recordof activity pertaining to the MTE 110 by obtaining and recordinginformation at every defined time interval, such as provided by thesampling rate 132. For example, in some embodiments, the HOS record 134can record or otherwise include any of date information, time andlocation information (e.g., time and location information provided bythe GPS location data 136A-N through various instances of the GPSmeasurements 138), engine hours, vehicle miles (i.e., odometer readingsfrom the MTE 110), driver identification information (e.g., a driver'sname, license number, etc.), authenticated user information (e.g., aninstance of the MTE identifier 113), information about the MTE 110(e.g., make, model, type, etc.), information about a motor carrier(i.e., information about an entity associated with the MTE 110), acombination thereof, or the like.

In various embodiments, the ELD 130 can report or otherwise provide theGPS location data 136A-N, and/or any other information included in theHOS record 134, to the network 150 at a designated measurement period,such as a measurement period 177. In some embodiments, the measurementperiod 177 may be referred to as a first measurement period (T₁).Specifically, the ELD 130 and/or another component of the MTE 110 (e.g.,the TCU 116) can send a GPS-based measurement message 140 to the networkaccess point 156 of the RAN 154 via the communication path 2. In someembodiments, the communication path 2 can provide an air interface thatsupports voice calls and/or data calls to a cellular network (e.g., a Uuinterface with the RAN 154). The network access point 156 can relay theGPS-based measurement message 140 to the MME 160 via the RAN 154, whichin some embodiments may occur using an S1 interface, although this maynot necessarily be the case. The MME 160 can relay the GPS-basedmeasurement message 140 to the GMLC 162, which may occur via a SLginterface, although this may not necessarily be the case. The GPS-basedmeasurement message 140 can be addressed or otherwise directed to theGMLC 162, which can be configured to store or otherwise record instancesof the GPS-based measurement messages 140 (along with the GPS locationdata 136A-N included therein) in an MTE location data record, such as anMTE location data record 164. The MTE location data record 164 can beaccessed by one or more users and/or administrators via the network 150,and therefore can allow for information about the MTE 110 to bedetermined on demand via a network portal. In various embodiments, theMTE location data record 164 can include a GPS location measurement set176 and a non-GPS-based location measurement set 178. The GPS locationmeasurement set 176 can include the GPS location data 136A-N overvarious time instances as the GPS-based measurement messages 140 arereceived. In various embodiments, the GPS location measurement set 176can be updated at a time defined by the measurement period 177.

In various embodiments, the MTE 110 can include an instance of the LPWAdevice 120. The LPWA device 120 can include an LPWA network (“LPWAN”)transceiver 122 and a local device sensor 123. The LPWA device 120 canbe configured to provide communicative coupling, via the LPWANtransceiver 122, in accordance with one or more Low-Power Wide AreaNetwork radio protocols, such as Narrow Band Internet of Things(“NB-IoT”) that can include LTE Cat NB1 and LTE Cat NB2; LTE-M that caninclude LTE Category X (“Cat X,” where x corresponds to a technicalstandard release, such as Cat-1, Cat-2, etc.), LTE Category MX (“LTECat-MX,” where x corresponds to a technical standard release, such asLTE Cat M1, LTE Cat M2, etc.); Extended Coverage IoT optimized GSMnetwork (“EC-GSM”), a combination thereof, or the like. In variousembodiments, the LPWAN transceiver 122 may not support or otherwiseprovide a streaming, continuous, or otherwise prolonged connection withthe LPWAN 152 because the LPWAN transceiver 122 may be configured toreduce power consumption by limiting communications to intermittentsending and receiving of between the LPWA device 120 and the LPWAN 152.As such, the LPWA device 120 can communicate with the LPWAN 152 via acommunication path 1, where the communication path 1 provides a narrowband path. In various embodiments, the narrow band path is not usedcontinuously and thus may not support voice calls and/or a continuousstreaming connection with the LPWAN 152. In some embodiments, a narrowband path, such as the communication path 1 of the operating environment100, can correspond to or otherwise provide support for a devicereceiving bandwidth within a range of 1.4-20 MegaHertz (“MHz”), such asmay be provided by protocols and specifications for LTE-M. In otherembodiments, a narrow band path can correspond to or otherwise providesupport for a system bandwidth of 200 kiloHertz (“kHz”). In someembodiments, a narrow band path may correspond to or otherwise providesupport for a system bandwidth of less than 200 kHz, such as 180 kHz. Invarious embodiments, the LPWAN transceiver 122 may be configured tosupport burst-type communications (i.e., not sustained) along the narrowband path (e.g., the communication path 1), and therefore the LPWANtransceiver 122 may power-on (or otherwise activate) long enough to sendand/or receive communications (e.g., the mobile terminal locationrequest 142 and/or the mobile terminal location response 146) at definedintervals (e.g., a measurement period 179 discussed herein). The LPWAdevice 120 may be configured to operate so as to conserve power and/oroperate on an intermittent basis and/or ad hoc basis, and thus may beconsidered a “low power” device. As such, in some embodiments, the LPWANtransceiver 122 may not support voice calls and/or continuous datasessions. In contrast, the MTE 110 and/or the ELD 130 may utilize theTCU 116 to communicate, via the communication path 2, at an ongoingbasis (i.e., continuous communication). As such, the ELD 130 can provideGPS-based measurement messages 140 using the communication path 2 thatsupports communications in a continuous, constant, or otherwise frequentmanner. This may be because the communication path 2 is capable of ahigher-bandwidth than the communication path 1, such as due to thecommunication path 2 connecting to the network access point 156 thatsupports an active, ongoing, voice and/or data session between the MTE110 and the RAN 154, while the communication path 2 does not supportcontinuous voice calls and/or streaming session due to itslower-bandwidth and connection to the LPWAN 152. Stated simply, the ELD130 and the TCU 116 may communicate using a communication path (e.g.,the communication path 2) that supports industry standard protocols forcellular communication that are not specific to IoT devices (e.g., 2G,3G, 4G, LTE, etc.), while the LPWA device 120 can operate as a cellularIoT device that uses the LPWAN transceiver 122 to communicate atinfrequent intervals, and therefore utilize narrow band paths (e.g., thecommunication path 1) to interact with the LPWAN 152. It should beunderstood that the examples provided are for illustration purposesonly, and therefore should not be construed as limiting in any way.

In various embodiments, the LPWA device 120 is configured without GPScapability, that is, without having components that are capable ofreceiving GPS signals, such as any of the authentic GPS signals 106A-Nand/or the GPS spoofing signals 109A-N. Therefore, the LPWA device 120may not include an instance of the GPS receiver unit 131. In variousembodiments, the LPWA device 120 is configured without GPS capability inorder to reduce power consumption and decrease the amount of processingresources, memory resources, and/or transceiver components beingimplemented for operation. By this, the LPWA device 120 can serve as amobile IoT device, a cellular IoT device, Narrow Band IoT device, or anyother device that is configured to operate, communicate, or otherwiseinteract with the LPWAN 152 and perform the operations discussed herein.

In various embodiments, the LPWA device 120 can, independent from theELD 130, estimate, verify, and/or otherwise confirm the actual location192 (currently and/or previously) of the MTE 110 without relying on, orotherwise receiving, GPS signals, such as any of the authentic GPSsignals 106A-N and/or the GPS spoofing signals 109A-N. Specifically, theLPWA device 120 can be configured to obtain and/or generate independentlocation data, such as independent location data 125A-N, for use inestimating location of the MTE 110 and detecting an instance of the GPSspoofing attack 107. Instances of the independent location data 125A-Nare not GPS-based (i.e., not generated or otherwise determined based onthe use of GPS signals) because the LPWA device 120 does not receive GPSsignals. In various embodiments, the independent location data 125A-Ncan be generated by the LPWA device 120 less often than the ELD 130generates the GPS location data 136A-N. Specifically, the LPWA device120 has a sampling rate 124 that is less than the sampling rate 132 ofthe ELD 130. For example, in some embodiments, the GPS receiver unit 131of the ELD 130 creates and records instances of the GPS location data136A-N every 250 milliseconds, or another rate defined by the samplingrate 132. The LPWA device 120 may have a sampling rate 124 configured tobe a few orders of magnitude less than the sampling rate 132 of the ELD130, and therefore instances of the independent location data 125A-N aregenerated, measured, and/or recorded less often. In some embodiments,the sampling rate 124 of the LPWA device 120 may be referred to as anindependent location data sampling rate and the sampling rate 132 of theGPS receiver unit 131 (and thus for ELD 130) may be referred to as a GPSlocation data sampling rate.

In various embodiments, instances of the independent location data125A-N can include an instance of mobile terminal location response data126 and one or more instance of a local device sensor measurement 127.Each instance of the independent location data 125A-N can correspond toa particular time instance when non-GPS-based measurements and/or dataare obtained and recorded, such as defined by the sampling rate 124.Instances of the local device sensor measurement 127 can be generatedand obtained by the local device sensor 123, which is not capable ofreceiving GPS signals. The local device sensor 123 can include analtimeter and/or a barometer. In some embodiments, the local devicesensor 123 may configured so as to be insensitive to changes inacceleration, force, and/or, and therefore the local device sensor 123may, in some embodiments, not be considered or otherwise configured asan inertial measurement unit. An instance of the local device sensormeasurement 127 can include one or more of a time stamp indicating thetime when altitude and/or pressure data is determined, an altitudecoordinate, a pressure value, an uncertainty value corresponding to thealtitude coordinate, and/or a confidence level for the altitudecoordinate.

In various embodiments, the mobile terminal location response data 126includes data that is non-GPS-based, and therefore can provide locationinformation that serves to independently determine, estimate, orotherwise identify the actual location 192 of the MTE 110, and in turncan be used to detect an instance of the GPS spoofing attack 107.Instances of the mobile terminal location response data 126 can includeone or more of a time stamp (i.e., date and time when the measurementsfor the location of the LPWA device 120 were collected), a terminallatitude coordinate, a terminal longitude coordinate, an altitudecoordinate, an accuracy value (e.g., a first horizontal uncertaintymeasurement and/or a second horizontal uncertainty measurement, whichmay be measured in meters), a first horizontal confidence level, and/ora second horizontal confidence level. In various embodiments, the mobileterminal location response data 126 can be joined with the local devicesensor measurements 127 to form an instance of the independent locationdata 125A-N. To generate and/or obtain the mobile terminal locationresponse data 126 without reliance on GPS signals, the LPWA device 120can generate and send a mobile terminal location request 142 to anevolved serving mobile location center (“E-SMLC”), such as an E-SMLC158, via the LPWAN 152. The mobile terminal location request 142 canrequest that a network node (e.g., the E-SMLC 158) determine locationinformation for a mobile device (e.g., the LPWA device 120) withoutrelying on GPS signals (e.g., via use of a non-GPS-based networkmechanism, such as a mobile terminal location response that is triggeredby the LPWA device 120 that is configured without GPS capability). TheLPWA device 120 may limit the information provided in the mobileterminal location request 142 to quality of service parameters 144,thereby allowing components of the network (e.g., the E-SMLC 158) todetermine which non-GPS positioning mechanism should be implemented inorder to return the mobile terminal location response data 126 to theLPWA device 120. For example, the quality of service parameters 144 mayinclude the MTE identifier 113 (which the E-SMLC 158 can use to identifythe MTE 110 and/or the LPWA device 120 within the RAN 154 and/or theLPWAN 152), a requested accuracy indicator (e.g., a preferred level ofaccuracy for location data, which may be indicated in meters from 1-100,where an accuracy indicator of 1 meter is more accurate than 100meters), and a maximum time delay (e.g., number of seconds that isallowed to elapse, which may correlate with the sampling rate 124 of theLPWA device 120. The mobile terminal location request 142 can be sentalong the communication path 1, and relayed from the MME 160 to theE-SMLC 158. In some embodiments, the E-SMLC 158 may be supported and/orhosted by the network access point 156, the network server 170, and/oranother computing system of the RAN 154, the network 150, and/or theLPWAN 152. In some embodiments, the E-SMLC 158 may determine themechanism by which to independently locate the LPWA device 120 withinthe RAN 154 without using GPS signals, which in turn enables the E-SMLC158 to provide the mobile terminal location response data 126 to theLPWA device 120. For example, to generate the mobile terminal locationresponse data 126, the E-SMLC 158 may implement non-GP S-basedpositioning mechanisms via one or more instances of the network accesspoint 156, such as one or more of enhanced cellular identification,observed time difference of arrival, adaptive enhanced cell identityfingerprinting, or another network-based operation that does not rely onGPS signals. The E-SMLC 158 can use one or more instances of the networkaccess point 156 to obtain non-GPS-based location measurements andinformation, such as the data and information discussed for the mobileterminal location response data 126. As such, in some embodiments, themobile terminal location response data 126 may represent coordinates andinformation from the perspective of the LPWAN 152, thereby providingindependent location information that does not rely on GPS signals anddoes not require the LPWA device 120 to self-determine its currentlocation. The mobile terminal location response data 126 can be includedin a mobile terminal location response 146, which can be provided backto the LPWA device 120 along another instance of the communicationpath 1. In turn, the LPWA device 120 can extract the instance of themobile terminal location response data 126 for inclusion in an instanceof the independent location data 125A-N for a specific time instance.

In various embodiments, the LPWA device 120 can report instances of theindependent location data 125A-N to the GMLC 162 at a defined interval,such as a measurement period 179. The measurement period 179 may bereferred to as a second measurement period (T₂). The measurement period179 corresponds to how often the independent location data 125A-N isreported to the GMLC 162. Instances of the independent location data125A-N can be stored in the MTE location data record 164 correspondingto the MTE 110. Because the independent location data 125A-N is distinctfrom the GPS location data 136A-N, the MTE location data record 164 maystore the independent location data 125A-N in a non-GPS-based locationmeasurement set 178. The non-GPS-based location measurement set 178 canbe updated with an incoming instance of the independent location data125A-N, as defined by the amount of time indicated in the measurementperiod 179. Therefore, the non-GPS-based location measurement set, suchas the non-GPS-based location measurement set 178 can include theindependent location data 125A-N received from the LPWA device 120,while the GPS location measurement set 176 can include the GPS locationdata 136A-N received from the ELD 130. Because the independent locationdata 125A-N is reported to the GMLC 162 at different time intervals thanthe GPS location data 136A-N (i.e., because the measurement period 179is different that the measurement period 177, specifically themeasurement period 179 being longer than the measurement period 177,resulting in the independent location data 125A-N being reported lessfrequently), the independent location data 125A-N will have a timemisalignment relative to the GPS location data 136A-N. Additionally, theindependent location data 125A-N can exhibit a spatial misalignmentrelative to the GPS location data 136A-N because the independentlocation data 125A-N was not generated using GPS signals (e.g., theauthentic GPS signals and/or the GPS spoofing signals 109A-N), andtherefore the information included in the independent location data125A-N may include different position, velocity, altitude, accuracy,and/or other information relative to the GPS measurements 138 of the GPSlocation data 136A-N. Therefore, when the information provided by theindependent location data 125A-N and the GPS location data 136A-Nexhibits a temporal misalignment and a spatial misalignment, then aspatio-temporal misalignment exists. In various embodiments, aspatio-temporal misalignment between the independent location data125A-N and the GPS location data 136A-N can be detected by one or moreinstances of the network server 170, such as discussed below.

In various embodiments, the operating environment 100 can include one ormore instances of the network server 170. The network server 170 caninclude one or more instances of a processor 171 and a memory 172.Instances of the processor 171 can be configured substantially similarto the processor 111 and/or a processor discussed with respect to FIG.6. Instances of the memory 172 can be configured substantially similarto the memory 112 and/or memory discussed with respect to FIG. 6. Invarious embodiments, one or more instances of the network server 170 cansupport, host, or otherwise provide a spoofing detection service 174.The spoofing detection service 174 may be configured as a softwareplatform that is hosted by one or more computing systems to managedetection of GPS spoofing attacks and provide countermeasures, such asin the form of correction commands discussed below in further detail. Itis understood that the use of the term “service” is intended tocorrespond with one or more network operations that support handling ofcommunications, messages, and/or instructions for detection of GPSspoofing attacks on various equipment. Therefore, any use of the term“service” in the claims shall not be construed or interpreted as beingdirect to, involving, or otherwise including a judicial exception (e.g.,an abstract idea, an idea of itself, an economic process, etc.) or anyother non-patentable subject matter. As such, use of the term “service”shall be construed within the realm of technology as understood by oneof ordinary skill in technology. It should be understood that theexamples provided are for illustration purposes only, and thereforeshould not be construed as limiting in any way.

In some embodiments, the spoofing detection service 174 can beconfigured to provide a software-as-a-service such that various userscan supplement asset and/or fleet tracking with detection of GPSspoofing attacks, such as the GPS spoofing attack 107, therebymitigating against potential regulatory violations. In some embodiments,the spoofing detection service 174 can be provided on behalf of a mobilenetwork operator and/or a communication service provider that supportstracking equipment via instances of the ELD 130. In various embodiments,the spoofing detection service 174 can provide computer-executableinstructions that facilitate execution and performance of the variousoperations discussed herein. The spoofing detection service 174 canoperate to detect instances of the GPS spoofing attack 107, and in someembodiments, can correct and/or supplement the HOS record 134 so thataccurate location information can be recorded and logged by the ELD 130.In various embodiments, the spoofing detection service 174 can implementone or more software managers, modules, tools, filters, and/or clientsthat collect data and perform analysis. For example, in someembodiments, the spoofing detection service 174 can include one or moremeasurement reporting clients 173. In some embodiments, an instance ofthe measurement reporting clients 173 can be configured as a value addedservices location services client. In some embodiments, an instance ofthe measurement reporting clients 173 may be in charge, or otherwisemanage, collecting and updating the MTE location data records 164 withincoming data from the LPWA device 120 and/or the ELD 130.

In various embodiments, the spoofing detection service 174 can performor otherwise provide spatio-temporal data alignment, such asspatio-temporal data alignment 202, which will be discussed in furtherdetail with respect to FIG. 2. When the independent location data 125A-Nis received from the LPWA device 120, a direct comparison against theGPS location data 136A-N may not be available because of thespatio-temporal misalignment. As such, the spoofing detection service174 can reconfigure and transform the independent location data 125A-Nso as to enable a direct comparison with the GPS location data 136A-N,thereby enabling detection for the GPS spoofing attack 107. In variousembodiments, when the spoofing detection service 174 provides thespatio-temporal data alignment 202, position and velocity estimates,along with variances at different confidence levels can be generated forthe ELD 130 and the LPWA device 120, such as ELD estimates 180 and LPWAdevice estimates 182. The LPWA device estimates 182 can be time-alignedwith the ELD estimates 180, and one or more operations can be performedto analyze the ELD estimates 180 and the LPWA device estimates 182 fordetection of the GPS spoofing attack 107. The spoofing detection service174 can use the ELD estimates 180 and the LPWA device estimates 182 todetermine whether a deviation distance exists, such as a deviationdistance 194. The ELD estimates 180 can provide an estimated locationfor the ELD 130 (which may be referred to as an ELD location estimate,such as discussed with respect to FIG. 2), and the LPWA device estimates182 can provide an estimated location for the LPWA device 120 (which maybe referred to as an LPWA device location estimate, such as discussedwith respect to FIG. 2). The deviation distance 194 can represent orotherwise correspond to the distance between the ELD location estimateand LPWA device location estimate. In some embodiments, the deviationdistance 194 may be compared against a location obfuscation constraintparameter (“LOCP”), such as the LOCP 189. The LOCP 189 can indicate anallowable deviation distance, that is an amount of distance between theLPWA device location estimate and the ELD location estimate that ispermitted or otherwise is not enough to indicate that the GPS spoofingattack 107 has occurred.

For example, in some embodiments, the LOCP 189 may be defined as 10miles, such that if the deviation between the LPWA device locationestimate and ELD location estimate is less than 10 miles, then thedeviation distance 194 would not exceed the LOCP 189, and therefore thespoofing detection service 174 may not (yet) consider an instance of theGPS spoofing attack 107 to have occurred. If the deviation distance 194meets or exceeds the LOCP 189, then the spoofing detection service 174may consider the GPS spoofing attack 107 to have occurred. In situationswhere a GPS spoofing attack 107 is determined to have occurred, thespoofing detection service 174 may consider the LPWA device locationestimate to correspond with the actual location 192 and the ELD locationestimate to correspond with the spoofed location 107A. Therefore, thespoofing detection service 174 can consider or otherwise determine thatthe instance of the GPS location data 126A-N that corresponds with theELD location estimate was generated based on the GPS spoofing signals109A-N and not the authentic GPS signals 106A-N. Further discussion ofthe ELD estimates 180 and the LPWA device estimates 182 is providedbelow with respect to an embodiment of the spatio-temporal dataalignment 202 illustrated in FIG. 2.

In various embodiments, the spoofing detection service 174 can indicatewhether a GPS spoofing attack 107 has occurred via instantiation of aGPS spoofing flag, such as a GPS spoofing flag 184. The GPS spoofingflag 184 can be set so as to indicate that an instance of GPS locationdata (e.g., among any of the GPS location data 136A-N) was generatedusing the GPS spoofing signals 109A-N, and therefore corresponds withthe spoofed location 107A instead of the actual location 192 that wouldhave been provided by the authentic GPS signals 106A-N. When an instanceof the GPS spoofing flag 184 is set to indicate the GPS spoofing attack107, a spoofing time identifier 186 may be provided or otherwiseinstantiated so as to indicate the time intervals that the GPS spoofingattack 107 occurred, and in turn can provide a pointer to the one ormore instances of the GPS location data 136A-N that were inaccurate andaffected by the GPS spoofing signals 109A-N. In various embodiments, thespoofing detection service 174 can use the results of thespatio-temporal data alignment 202, such as one or more instances of theLPWA device estimates 182, to generate corrected route data, such ascorrected route data 187. The corrected route data 187 can be generatedby the spoofing detection service 174 obtaining, from the non-GPS-basedlocation measurement set 178, instances of the independent location data125A-N that correspond with the spoofing time identifier 186 (i.e.,corresponds with the time during which the GPS spoofing attack 107occurred). The corrected route data 187 can use one or more instances ofthe mobile terminal location response data 126 and/or the local devicesensor measurements 127 (which can be extracted from the independentlocation data 125A-N) to indicate the actual location 192 of the MTE110. The corrected route data 187 can include information such as, theactual location 192 corresponding to the spoofing time identifier 186(e.g., latitude, longitude, altitude), velocity, and one or more timestamps indicating the duration of the GPS spoofing attack 107 (e.g.,provided by the spoofing time identifier 186).

In some embodiments, the spoofing detection service 174 can issue orotherwise generate a GPS spoofing alert 185. The GPS spoofing alert 185can provide an indication that an instance of the GPS spoofing attack107 as occurred. In some embodiments, the GPS spoofing alert 185 can berecorded in the MTE location data records 164 for the MTE 110. In someembodiments, the GPS spoofing alert 185 can be sent to the MTE 110.Specifically, the GPS spoofing alert 185 can be addressed to the LPWAdevice 120 and/or the ELD 130 of the MTE 110. The GPS spoofing alert 185can include one or more of the GPS spoofing flag 184, instances of thespoofing time identifier 186, the corrected route data 187, and/or acorrection command 188 (which will be discussed in further detailbelow). In some embodiments, the GPS spoofing alert 185 may be stored ina correction log 128 of the LPWA device 120. The correction log 128 caninstantiate the GPS spoofing alert 185 in a memory of the MTE 110 (e.g.,the memory 112) so as to provide a local recordation on the MTE 110. Insome embodiments, the spoofing detection service 174 can configure theGPS spoofing alert 185 to withhold audiovisual presentation of the GPSspoofing alert 185 to a user of the MTE 110, such as by configuring theGPS spoofing alert 185 so as not to be presented on the head unit 114 ofthe MTE 110. The reason for this may be that the GPS spoofing attack 107may have occurred because a driver of the MTE 110 used the GPS spoofingdevice 108 in an attempt to cause the HOS record 134 to store thespoofed location 107A instead of the actual location 192, therebypotentially allowing the MTE 110 to exceed one or more regulatoryparameters (e.g., exceed the maximum hours that the MTE 110 is permittedto be operated in a 24 hour period, exceed an imposed speed limit forthe MTE 110, exceed a maximum travel distance during a defined timeperiod, or any other regulation and/or restriction imposed on the MTE110). As such, in some embodiments, the LPWA device 120 may provide theGPS spoofing alert 185 to an administration account associated the MTElocation data records 164, thereby informing an administrator that aninstance of the GPS spoofing attack 107 was detected, and in someembodiments, without informing a driver of the MTE 110. In someembodiments, the GPS spoofing alert 185 may be configured to present anaudiovisual output on the head unit 114 of the MTE 110, therebyinforming a driver and/or user of the MTE 110 that an instance of theGPS spoofing attack 107 has been detected. It is understood that theexamples provided are for illustration purposes only, and thereforeshould not be construed as limiting in any way.

In various embodiments, the spoofing detection service 174 can generatean instance of the correction command 188. The correction command 188can include, or otherwise refer to the corrected route data 187 and/orany information provided by the GPS spoofing alert 185. In someembodiments, the correction command 188 can instruct or otherwisecommand the LPWA device 120 to update the correction log 128 byinstantiating an instance of the GPS spoofing alert 185 to indicate thatthe GPS spoofing attack 107 occurred. In some embodiments, thecorrection command 188 can instruct the ELD 130 to store or otherwiserecord the GPS spoofing alert 185 within the HOS record 134. In someembodiments, the correction command 188 can instruct the ELD 130 thatthe instances of the GPS location data 136A-N during the times indicatedby the spoofing time identifiers 186 correspond with the spoofedlocation 107A, and therefore are inaccurate because those instances ofthe GPS location data 136A-N were based on the GPS spoofing signals109A-N that caused the GPS spoofing attack 107. In some embodiments, thecorrection command 188 may be provided to the MTE 110 separate from theGPS spoofing alert 185. For example, in some embodiments, the spoofingdetection service 174 can generate a correction message 190 thatincludes the correction command 188. The GPS spoofing alert 185 can beincluded in the correction message 190, or may have previously been sentto the MTE 110. In some embodiments, the correction command 188 mayinclude the GPS spoofing flag 184 that points to the MTE location datarecords 164 stored on the GMLC 162. By this, the ELD 130 may be informedthat an instance of the GPS spoofing attack 107 has occurred withoutaltering the HOS record 134, thereby preserving the inaccurate instancesof the GPS location data 136A-N within the HOS record 134 as evidence ofthe GPS spoofing attack 107. In some embodiments, when the GPS spoofingalert 185 is sent to the MTE 110 without the correction command 188and/or the correction message 190, the GPS spoofing alert 185 may besent along the narrow band path provided by the LPWAN 152 (e.g., via thecommunication path 1), thereby enabling the LPWA device 120 and/or theELD 130 to be informed of the GPS spoofing attack 107, thereby improvingtracking of the GPS spoofing attack 107 even when the MTE 110 is outsideof the transmission range of the RAN 154 provided by the communicationpath 2, as further discussed below. It is understood that the examplesprovided are for illustration purposes only, and therefore should not beconstrued as limiting in any way.

In various embodiments, the operating environment 100 can include thenetwork 150 that can include, support, or otherwise communicate with theMTE 110 via the RAN 154 and/or the LPWAN 152. In some embodiments, atleast a portion of the network 150, the LPWAN 152, and/or the RAN 154can be associated with a communications service provider and/or a mobilenetwork operator. In various embodiments, the network 150 can include anevolved packet core network, a core network, an IP-based network, atransport network, an optical transport network, a circuit switchednetwork, a mobile Wide Area Network, a combination thereof, or the like.It is understood that the network 150 can communicate with one or morecomputing systems and/or devices that are external to the network 150(e.g., one or more instances of the MTE 110) via one or more instancesof the network access point 156 that can establish, provide, andmaintain wireless and/or wired communication links.

In various embodiments, the LPWAN 152 can provide a larger transmissionrange and coverage area using the communication path 1 (i.e., using anarrow band path) than the use of communication path 2 via the RAN 154(where the communication path 2 can provide a broad band path, such as2G, 3G, 4G, LTE, etc.). In some embodiments, at least a portion of theLPWAN 152 can be supported, hosted, or otherwise included in the RAN154. In some embodiments, an instance of the network access point 156can be dedicated to the LPWAN 152, although this may not necessarily bethe case. In some embodiments, an instance of the network access point156 can be configured to support or otherwise be dedicated to the LPWAN152 by facilitating and/or hosting the narrow band path provided by thecommunication path 1, which conforms to one or more LPWA radio protocolsdiscussed above. Therefore, in some embodiments, an instance of thenetwork access point 156 that supports the LPWAN 152 can be configuredas a base transceiver station or any other low-power wide area accesspoint that conforms to, or otherwise enables and supports, the narrowband path provided by the communication path 1. In various embodiments,the LPWAN 152 can provide a larger coverage area through the use of thenarrow band path provided by the communication path 1. Therefore, whenan instance of the network access point 156 is used to support the LPWAN152 and the communication path 1, communications to and/or from the MTE110 can be provided at a greater distance than communications providedusing the communication path 2, which corresponds with broad band widearea wireless protocols (e.g., 2G, 3G, 4G, LTE, etc.).

In some embodiments, an instance of the network access point 156 can beconfigured to provide wireless communication via the communication path2, where the communication path 2 does not conform to LPWA protocolsdiscussed above, but rather may provide cellular service via anotherwide area radio technology. For example, the network access point 156that supports the communication path 2 of the RAN 154 can include, butshould not be limited to, one or more of a base transceiver station, awireless router, a femtocell, an Node B, an eNodeB, a gNodeB (i.e., anaccess point that incorporates New Radio access technology, such as LTEAdvanced, and other 5G technology), a multi-standard metro cell node, anoptical network terminal, and/or other network nodes or combinationsthereof that are capable of providing communication to and/or from theRAN 154 to the MTE 110 via the communication path 2.

As illustrated in FIG. 1, the MME 160, the GMLC 162, and/or the E-SMLC158 are hosted or otherwise supported by the network 150, although thismay not necessarily be the case. In some embodiments, one or moreinstances of the MME 160, the GMLC 162, and/or the E-SMLC 158 may belocated, hosted, or otherwise supported by the RAN 154 and/or the LPWAN152. In some embodiments, the network 150 can include and support one ormore of an evolved universal mobile telecommunications system (“UMTS”),a terrestrial radio access (“E-UTRAN”), a serving/PDN gateway (“S/PGW”),a home subscriber server (“HSS”), an access and mobility function(“AMF”), a session management function-user plane function (“SMF-UPF”),unified data management (“UDM”), a vehicle-to-everything (“V2X”)application server, an application function (“AF”), an enhanced mobilebroadband system (“eMBBS”), a mobile edge computing (“MEC”) unit, acombination thereof, and/or any other systems, devices, and/or functionsthat may be included in 2G, 3G, 4G, 5G, or later communicationarchitecture. It should be understood that the examples provided are forillustration purposes only, and therefore should not be construed aslimiting in any way.

FIG. 1 illustrates the operating environment 100 having one or moreinstance of the GPS 102, the GPS satellites 104A-N, the authentic GPSsignals 106A-N, the GPS spoofing attack 107, the spoofed location 107A,the GPS spoofing device 108, the GPS spoofing signals 109A-N, the MTE110, the processor 111, the memory 112, the MTE identifier 113, the headunit 114, the active driving mode 115A, the off-duty driving mode 115B,the TCU 116, the LPWA device 120, the LPWAN transceiver 122, the localdevice sensor 123, the sampling rate 124, the independent location data125A-N, the mobile terminal location response data 126, the local devicesensor measurements 127, the ELD 130, the GPS receiver unit 131, thesampling rate 132, the HOS record 134, the GPS location data 136A-N, theGPS measurements 138, the GPS-based measurement messages 140, the mobileterminal location request 142, the quality of service parameters 144,the mobile terminal location response 146, the communication path 1, thecommunication path 2, the network 150, the LPWAN 152, the RAN 154, thenetwork access point 156, the E-SMLC 158, the GMLC 162, the MTE locationdata records 164, the network server 170, the processor 171, the memory172, the measurement reporting clients 173, the GPS location measurementset 176, the measurement period 177, the non-GPS-based locationmeasurement set 178, the measurement period 179, the spoofing detectionservice 174, the ELD estimates 180, the LPWA device estimates 182, theGPS spoofing alert 185, the GPS spoofing flag 184, the spoofing timeidentifier 186, the corrected route data 187, the correction command188, the LOCP 189, the correction message 190, the actual location 192,and the deviation distance 194. It should be understood, however, thatsome implementations of the operating environment 100 can include zero,one, or more than one instances of the above listed elements of theoperating environment 100 shown in FIG. 1. As such, the illustratedembodiment of the operating environment 100 is understood to beillustrative and should not be construed as being limiting in any way.

Turning now to FIG. 2 with continued reference to FIG. 1, a blockdiagram 200 illustrating aspects of providing the spatio-temporal dataalignment 202 will be described, according to an illustrativeembodiment. It is understood that one or more aspects of thespatio-temporal data alignment 202 can be provided, performed,implemented, or otherwise applied by one or more elements discussedabove with respect to FIG. 1, such as but not limited to, the spoofingdetection service 174. In some embodiments, the spoofing detectionservice 174 can provide one or more engines that implement, provide, orotherwise apply a Kalman filter and/or an enhanced Kalman filter, suchas a Kalman filter engine 204. The Kalman filter engine 204 can beconfigured to generate or otherwise create state estimates andcovariance estimates 206 based on input provided, such as GPS locationdata 212 and independent location data 222 discussed below. It isunderstood that the spatio-temporal data alignment 202 that providestime-alignment (e.g., via application of the Kalman filter engine 204)can enable detection of the GPS spoofing attack 107 despite the LPWAdevice 120 obtaining and reporting information about the location of theLPWA device 120 to the GMLC 162 less frequently than the rate at whichthe ELD 130 determines and reports the location of the ELD 130 to theGMLC 162.

For example, in some embodiments, the spoofing detection service 174 can(a)periodically monitor the MTE location data records 164 for new,incoming location data from GPS-based and non-GPS-based sources, such asthe GPS location data 136A-N and the independent location data 125A-N,respectively. In various embodiments, the GPS location data 136A-N andthe independent location data 125A-N are received at periodic intervals,such as according to the measurement period (“T₁”) 177 and themeasurement period (“T₂”) 179, respectively. As discussed above withrespect to FIG. 1, T₂ 179 is longer (i.e., greater) than T₁ 177 becausethe sampling rate for the LPWA device 120 (i.e., the sampling rate 124)is less than the sampling rate for the ELD 130 (i.e., the sampling rate132), thereby resulting in the GPS location data 136A-N being reportedmore frequently to the GMLC 162 than the independent location data125A-N. In some embodiments, MTE location data records 164 can store theGPS location data 136A-N in the GPS location measurement set 176 and canstore the independent location data 125A-N in the non-GPS-based locationmeasurement set 178.

As illustrated in FIG. 2, in various embodiments, at a location spoofingdetection decision time instance (e.g., after every instance of the T₂179), the spoofing detection service 174 may obtain GPS location data212 and independent location data 222. It is understood that, in FIG. 2,the GPS location data 212 can correspond with an instance of GPS-basedlocation data, such as from among the GPS location data 136A-N shown inFIG. 1. Similarly, in FIG. 2, the independent location data 222 cancorrespond with an instance of non-GPS-based location data, such as fromamong the independent location data 125A-N shown in FIG. 1. The GPSlocation data 212 can include an instance of ELD GPS-based position data214 (e.g., a time stamp of when measurements were obtained by the GPSreceiver unit 131, a latitude coordinate, a longitude coordinate, and analtitude coordinate that are obtained based on GPS signals). In variousembodiments, the GPS location data 212 can also include values for anELD GPS-based position variance 216 (e.g., horizontal uncertaintyvalues, such as uncertainty for latitude and longitude, and a verticaluncertainty value, such as uncertainty for altitude, for the ELD 130obtained based on GPS signals). The ELD GPS-based position data 214 andthe ELD GPS-based position variance 216 can be provided by the GPSmeasurements 138 that are included in the GPS location data 136A-N. TheGPS location data 212 may be input or otherwise provided to the Kalmanfilter engine 204.

In various embodiments, the independent location data 222 is alsoprovided to the Kalman filter engine 204. The independent location data222 can include non-GPS-based position data 224 (e.g., a time stamp ofwhen measurements were obtained by the GPS receiver unit 131, a latitudecoordinate, a longitude coordinate, and an altitude coordinate that areobtained through non-GPS-based mechanisms, such as mobile terminallocation response data 126 from the LPWAN 152 and the local devicesensor measurements 127 from the local device sensor 123) and values fora non-GPS-based position variance 226 (e.g., horizontal uncertaintyvalues, such as uncertainty for latitude and longitude, and a verticaluncertainty value, such as uncertainty for altitude, for the LPWA device120 obtained through non-GPS-based mechanisms, such as mobile terminallocation response data 126 from the LPWAN 152 and the local devicesensor measurements 127 from the local device sensor 123). Thenon-GPS-based position data 224 and the non-GPS-based position variance226 can be provided by the mobile terminal location response data 126from the LPWAN 152 and the local device sensor measurements 127 from thelocal device sensor 123, which are included in the independent locationdata 125A-N.

In various embodiments, the independent location data 222 and the GPSlocation data 212 have spatio-temporal misalignment 203, that is the ELDGPS-based position data 214 does not match, and is not aligned, with thenon-GPS-based position data 224, and the independent location data 222is time-misaligned relative to the GPS location data 212. Therefore, theKalman filter engine 204 can provide alignment in a time domain 252, andcan generate the state estimates and covariance estimates 206 to enablecomparison of the position data according to various confidence levels,as discussed below.

The spatio-temporal data alignment 202 implements one or more confidenceparameters that each define a confidence level for application to aconfidence ellipsoid that is stored and represented by instances of aconfidence ellipsoid set for a particular estimate at time t_(i).Examples of confidence parameters can include a specified maximumconfidence parameter, such as a maximum confidence parameter 208, andanother specified confidence parameter that is less than the maximum,such as an intermediate confidence parameter 210, where the maximumconfidence parameter 208 provides or otherwise defines a maximumconfidence level 208A (e.g., a 99.9% amount of statistical confidencelevel), and the intermediate confidence parameter 210 provides orotherwise defines an intermediate confidence level 210A (e.g., an 80%amount of statistical confidence level). In some embodiments, theintermediate confidence level can be considered a “high,” but notmaximum confidence level. The confidence parameters (e.g., the maximumconfidence parameter 208 and the intermediate confidence parameter 210)can be utilized by the Kalman filter engine 204 to generate covarianceestimates for a corresponding estimate, which in some embodiments, maybe configured as a separate confidence ellipsoid set for each confidencelevel (e.g., for each of the maximum confidence level 208A and theintermediate confidence level 210A). Stated generally, thespatio-temporal data alignment 202 can generate, from data provided by aparticular device, device estimates that include a location estimate, avelocity estimate, a plurality of confidence ellipsoid sets for thelocation estimate (e.g., one confidence ellipsoid set at each confidencelevel), and a plurality of confidence ellipsoid sets for the velocityestimate (e.g., one confidence ellipsoid set at each confidence level).Stated specifically, as illustrated in FIG. 2, for a particular timeinstance at which GPS spoofing detection is to be performed (e.g., attime t_(i)), the Kalman filter engine 204 can apply a Kalman filterand/or an enhanced Kalman filter to the GPS location data 212 and theindependent location data 222 so as to generate ELD estimates 230 andLPWA device estimates 240, where the ELD estimates 230 are GPS-based andthe LPWA device estimates 240 are not GPS-based. It is understood thatthe ELD estimates 230 and the LPWA device estimates 240 shown in FIG. 2correspond with the ELD estimates 180 and the LPWA device estimates 182shown in FIG. 1, respectively.

The ELD estimates 230 (which correspond to the ELD 130) generated by theKalman filter engine 204 can include an ELD location estimate 232 (thatis GPS-based) and a location confidence ellipsoid set for eachconfidence level (i.e., for each confidence parameter), such as an ELDGPS-based location confidence ellipsoid set (“E_(1,MAX)(t)”) 234 for themaximum confidence level 208A and an ELD GPS-based location confidenceellipsoid set (“E_(1,INT)(t)”) 236 for the intermediate confidence level210A. In some embodiments, the E_(1,MAX)(t)”) 234 may be referred to asa first GPS-based location confidence ellipsoid set, and theE_(1,INT)(t) 236 may be referred to as a second GPS-based locationconfidence ellipsoid set. The ELD location estimate 232 can include orotherwise be based on information from the ELD GPS-based position data214, as discussed above. As such, the ELD location estimate 232 caninclude a latitude, longitude, altitude, and time stamp based on theinformation provided by the ELD 130 of the MTE 110. The ELD estimates230 can also include an ELD velocity estimate 233 (that is GPS-based)and a velocity confidence ellipsoid set for each confidence level, suchas ELD GPS-based velocity confidence ellipsoid set (“V_(1,MAX)(t)”) 235for the maximum confidence level 208A and an ELD GPS-based velocityconfidence ellipsoid set (“V_(1,INT)(t)”) 237 for the intermediateconfidence level 210A. In some embodiments, the V_(1,MAX)(t) 235 may bereferred to as a first GPS-based velocity confidence ellipsoid set, andthe V_(1,INT)(t) 237 may be referred to as a second GPS-based velocityconfidence ellipsoid set.

The LPWA device estimates 240 (which correspond to the LPWA device 120)generated by the Kalman filter engine 204 can include an LPWA devicelocation estimate 242 (that is not GPS-based) and a location confidenceellipsoid set for each confidence level (i.e., for each confidenceparameter), such as an LPWA device non-GPS-based location confidenceellipsoid set (“E_(2,MAX)(t)”) 244 for the maximum confidence level 208Aand an LPWA device non-GPS-based location confidence ellipsoid set(“E_(2,INT)(t)”) 246 for the intermediate confidence level 210A. In someembodiments, the E_(2,MAX)(t) 244 may be referred to as a firstnon-GPS-based location confidence ellipsoid set, and the E_(2,INT)(t)246 may be referred to as a second non-GPS-based location confidenceellipsoid set. The LPWA device location estimate 242 can include orotherwise be based on information from the non-GPS-based position data224 from the LPWA device 120, as discussed above. As such, the LPWAdevice location estimate 242 can include a latitude, longitude,altitude, and time stamp (as obtained via the LPWAN 152 from the mobileterminal location response data 126) based on the information providedby the LPWA device 120 of the MTE 110. The LPWA device estimates 240 canalso include an LPWA device velocity estimate 243 (that is notGPS-based) and a velocity confidence ellipsoid set for each confidencelevel, such as LPWA non-GPS-based velocity confidence ellipsoid set(“V_(2,MAX)(t)”) 245 for the maximum confidence level 208A and an LPWAdevice non-GPS-based velocity confidence ellipsoid set (“V_(2,INT)(t)”)247 for the intermediate confidence level 210A. In some embodiments, theV_(2,MAX)(t) 245 may be referred to as a first non-GPS-based velocityconfidence ellipsoid set, and the V_(2,INT)(t) 247 may be referred to asa second non-GP S-based velocity confidence ellipsoid set.

In various embodiments, the spatio-temporal data alignment 202 cancompare the LPWA device estimates 240 to the ELD estimates 230 in orderto determine and detect whether a deviation distance 194 exists betweenthe estimated location of the LPWA device 120 and the ELD 130. In someembodiments, an instance of the deviation distance 194 can be determinedby analyzing and comparing, between the ELD 130 and the LPWA device 120,the various confidence ellipsoid sets for location and velocity.Specifically, determination that a GPS spoofing attack has occurred canbe based on verifying that confidence ellipsoid sets for location andvelocity (at various confidence levels) do not intersect. A briefdiscussion will be provided, followed by further discussion with respectto FIG. 4A. The spoofing detection service 174 can compare and determinewhether the various confidence sets for each device intersect each otherat particular confidence levels. Specifically, if the velocityconfidence sets at a particular confidence level do not intersect or thelocation confidence sets at a particular confidence level do notintersect, then such non-intersection can indicate the occurrence of theGPS spoofing attack 107. The non-intersection between GPS-based andnon-GPS-based confidence ellipsoid sets for location and/or velocity(i.e., for a particular confidence level, ELD GPS-based locationconfidence ellipsoid sets not intersecting LPWA device non-GPS-basedlocation confidence ellipsoid sets, and/or ELD GPS-based velocityconfidence ellipsoid sets not intersecting LPWA device non-GPS-basedvelocity confidence ellipsoid sets) indicates that the true locationestimate determined from the LPWA device (e.g., the LPWA device locationestimate 242 that is not GPS-based determined from the independentlocation data 222 provided by the LPWA device 120, which reveals theactual location 192) deviates (in some instances deviatingsignificantly) from the spoofed location estimate determined from theELD 130 (e.g., the ELD location estimate 232 determined from the GPSlocation data 212 provided by the ELD 130). For example, in someembodiments, the spoofing detection service 174 may determine that aninstance of the GPS spoofing attack 107 has occurred in response todetermining that the E_(1,INT)(t) 236 is not intersecting theE_(2,INT)(t) 246 and/or that the V_(1,INT)(t) 237 is not intersectingthe V_(2,INT)(t) 247. Stated differently, when the E_(1,INT)(t) 236 doesnot intersect the E_(2,INT)(t) 246 and/or the V_(1,INT)(t) 237 does notintersect the V_(2,INT)(t) 247, this can mean that a GPS spoofing attackhas occurred, and therefore the information provided by the LPWA device120 more accurately represents the actual location 192 of the MTE 110,while the information from the ELD 130 appears to represent the spoofedlocation 107A. This is because, for the intermediate confidence level210A, the independent location data 125A-N (which was used to producethe LPWA device estimates 240 that include the ellipsoid confidencesets, that is the E_(2,INT)(t) 246 and the V_(2,INT)(t) 247) and/or theLPWA device location estimate 242 more accurately coincides with, orotherwise represents, the actual location 192 of the MTE 110, andtherefore the actual location 192 deviates (in some instances deviatingsignificantly) from the ELD location estimate 232 derived from the GPSlocation data 136A-N. As such, the ELD location estimate 232 coincideswith, or otherwise represents, the spoofed location 107A because the GPSlocation data 136A-N (which was used to produce the ELD estimates 230that include the ellipsoid confidence sets, that is the E_(1,INT)(t) 236and the V_(1,INT)(t) 237) was impacted by the GPS spoofing device 108generating the GPS spoofing attack 107.

In some embodiments, if either the E_(1,INT)(t) 236 does not intersectthe E_(2,INT)(t) 246 or the V_(1,INT)(t) 237 does not intersect theV_(2,INT)(t) 247, then the spoofing detection service 174 may seekfurther verification and/or detection as to whether an instance of theGPS spoofing attack 107 has occurred. The spoofing detection service 174can further analyze estimations for the ELD 130 and the LPWA device 120using a higher confidence level, such as by analyzing the confidenceellipsoid sets at the maximum confidence level 208A. For example, insome embodiments, if the E_(1,MAX)(t) 234 does not intersect theE_(2,MAX)(t) 244 or the V_(1,MAX)(t) 235 does not intersect theV_(2,MAX)(t) 245, then the spoofing detection service 174 indicates thatan instance of the GPS spoofing attack 107 occurred because the LPWAdevice location estimate 242 more accurately coincides with, orotherwise represents, the actual location 192 of the MTE 110, while theGPS location data 136A-N (which was used to produce the ELD estimates230 that include the ellipsoid confidence sets, that is the E_(1,MAX)(t)234 and the V_(1,MAX)(t) 235) and/or the ELD location estimate 232coincides with, or otherwise represents, the spoofed location 107A. Insome embodiments, if the E_(1,MAX)(t) 234 intersects the E_(2,MAX)(t)244 and the V_(1,MAX)(t) 235 intersects the V_(2,MAX)(t) 245, then thespoofing detection service 174 can indicate that an instance of the GPSspoofing attack 107 has not occurred, and therefore can wait for thenext time instance that is scheduled to provide GPS spoofing detectionvia spatio-temporal data alignment.

In some embodiments, when the spoofing detection service 174 determinesthat the actual location 192 of the MTE 110 should coincide with theLPWA device 120 instead of the spoofed location 107A provided by the ELD130, the spoofing detection service 174 may set or otherwise configurethe GPS spoofing flag 184 to indicate that an instance of the GPSspoofing attack 107 has occurred. In some embodiments, in response tothe spoofing detection service 174 determining that an instance of theGPS spoofing attack 107 has, or may have, occurred, the spoofingdetection service 174 may perform further verification and/orconfirmation of the GPS spoofing attack 107 before informing, recording,or otherwise alerting other devices of the GPS spoofing attack 107. Forexample, the spoofing detection service 174 may be configured such thateven though an instance of the GPS spoofing attack 107 is detected tohave occurred, client privacy parameters may be in place to allow orotherwise permit a certain amount of location deviation before the GPSspoofing attack 107 is be recorded or otherwise confirmed. For instance,in some embodiments, the LOCP 189 can provide or otherwise define anallowable deviation distance that the MTE 110 is permitted to travelwhen the MTE 110 has activated, or is otherwise operating in, theoff-duty driving mode 115B. Therefore, in some embodiments, even thoughthe actual location 192 of the MTE 110 is not directly matching orotherwise agreeing with the spoofed location 107A, the deviationdistance 194 between the ELD location estimate 232 and the LPWA devicelocation estimate 242 (which can, in some embodiments, correspond to thespoofed location 107A and the actual location 192, respectively) may bepermitted to vary up to the allowable deviation distance indicated bythe LOCP 189 (e.g., up to 10 miles, or another distance).

In some embodiments, if the spoofing detection service 174 determinesthat an instance of the GPS spoofing attack 107 has occurred, then thespoofing detection service 174 may generate an instance of correctedlocation data 250. The corrected location data 250 can represent one ormore instances of information provided by the LPWA device 120 for aparticular instance in time during the GPS spoofing attack 107. Forexample, the corrected location data 250 can include the LPWA deviceestimates 240, such as the LPWA device location estimate 242 and theLPWA device velocity estimate 243. By this, the latitude, longitude,altitude, time stamps, and any other information provided by the LPWAdevice estimates 240 can be considered to represent the actual location192 for a particular time instance, such as indicated by an instance ofthe spoofing time identifier 186. In some embodiments, an instance ofthe corrected location data 250 may correspond to a single instance intime in which the GPS spoofing attack 107, occurred and thereforemultiple instances of the corrected location data 250 may be included inthe corrected route data 187, thereby indicating or otherwise providinga record of the actual route traveled by the MTE 110 while the GPSspoofing attack 107 was taking place. It is understood that the examplesprovided are for illustration purposes only, and therefore should not beconstrued as limiting in any way.

Turning now to FIGS. 3A-B, 4A, and 4B with continued references to FIGS.1 and 2, aspects of a method 300, a method 400, and a method 450 will bedescribed in detail, according to various illustrative embodiments. Itshould be understood that each of the operations of the one or moremethods disclosed herein (e.g., the method 300, the method 400, and/orthe method 450 discussed below) are not necessarily presented in anyparticular order and that performance of some or all of the operationsin an alternate order(s) is possible and is contemplated. It is alsounderstood that any of the operations from the methods disclosed hereinmay be combined or otherwise arranged to yield another embodiment of amethod that is within the scope of the concepts and technologiesdiscussed herein. The operations have been presented in the demonstratedorder for ease of description and illustration, and therefore should notbe construed as limiting the various embodiments disclosed herein.Operations may be added, omitted, and/or performed simultaneously and/orsequentially, without departing from the scope of the concepts andtechnologies disclosed herein.

It also should be understood that the methods disclosed herein can beended at any time and need not be performed in its entirety. Some or alloperations of the methods, and/or substantially equivalent operations,can be performed by execution of computer-readable instructions storedand included on a computer storage medium, as defined herein. Thephrases “computer executable instructions,” and variants thereof (e.g.,“computer-readable instructions”), as used herein, is used expansivelyto include routines, applications, modules, scripts, programs, plug-ins,data structures, algorithms, and the like. It is understood that any useof the term “module” (in the specification and claims) refers to adefined, callable set of computer-readable and executable instructionsthat, upon execution by a processor, configure at least a processor toperform at least a portion of one or more operations and functionsdiscussed herein so as to transform, upon execution, processingresources and/or memory resources into a particular, non-generic,machine. Computer-readable instructions can be implemented on varioussystem configurations including but not limited to one or more ofsingle-processor or multiprocessor systems, minicomputers, userequipment, mainframe computers, personal computers, network servers,hand-held computing devices, microprocessor-based, programmable consumerelectronics, a network platform, edge devices, vehicles, combinationsthereof, and the like.

Thus, it should be appreciated that the logical operations describedherein are implemented (1) as a sequence of computer implemented acts orprogram modules running on a computing system and/or (2) asinterconnected machine logic circuits or circuit modules within thecomputing system so as to provide a particular, non-generic machinedevice. The implementation is a matter of choice dependent on theperformance and other requirements of the computing system. Accordingly,the logical operations described herein are referred to variously asstates, operations, structural devices, acts, functions, instructions,and/or modules. These states, operations, structural devices, acts,functions, instructions, and/or modules may be implemented in software,in firmware, in special purpose digital logic, and any combinationthereof. As used herein, the phrase “cause a processor to performoperations” and variants thereof is used to refer to causing andtransforming a processor of a computing system or device, such as anycomponent within one or more of the MTE 110, the ELD 130, the LPWAdevice 120, the network access point 156, the E-SMLC 158, the MME 160,the GMLC 162, the network 150, the LPWAN 152, the RAN 154, and/or thenetwork server 170, to perform one or more operations and/or causing oneor more instances of a processor to direct other components of acomputing system or device, to perform one or more of the operations.

For purposes of illustrating and describing the concepts of the presentdisclosure, one or more of the operations of methods disclosed hereinare described as being performed by one or more instance of the networkserver 170 via execution of one or more computer-readable instructionsconfigured so as to instruct and transform a processor, such as viaexecution of the spoofing detection service 174 that can configure theprocessor 171. In some embodiments, one or more operations may beperformed by one or more of the LPWA device 120 and/or the ELD 130. Itshould be understood that additional and/or alternative devices and/ornetwork infrastructure devices can, in some embodiments, provide thefunctionality described herein via execution of one or more routines,applications, and/or other software including, but not limited to, thespoofing detection service 174, the E-SMLC 158, the GMLC 162, the MME160, and/or any other computer executable instructions that canconfigure a device discussed herein, such as but not limited to one ormore of the network server 170, the MTE 110, the ELD 130, and/or theLPWA device 120. Thus, the illustrated embodiments are illustrative, andshould not be viewed as being limiting in any way.

In various embodiments, one or more instances of a computer systemassociated with the spoofing detection service 174 may execute so as tocause one or more processor (e.g., an instance of the processor 171and/or the processor 111) to perform at least a portion of one or moreoperations discussed herein. In various embodiments, execution of theGPS spoofing alert 185 and/or the correction command 188 can cause oneor more instances of the MTE 110 (and/or any components therein, such asthe LPWA device 120 and/or the ELD 130) to perform one or moreoperations discussed herein. It should be understood that the examplesprovided are for illustration purposes only, and therefore should not beconstrued as limiting in any way. The method 300, the method 400, andthe method 450 will be described with reference to one or more of theFIGS. 1 and 2.

Turning now to FIGS. 3A and 3B, the method 300 for global positioningsystem spoofing countermeasures is disclosed, according to anillustrative embodiment. In some embodiments, one or more operations ofthe method 300 can be implemented by the spoofing detection service 174executing on one or more instances of the network server 170. The method300 can begin and proceed to operation 302, where the spoofing detectionservice 174 can identify a mobile transportation equipment comprising anelectronic logging device and a low-power wide area device, such as theMTE 110 that comprises the LPWA device 120 and the ELD 130. In someembodiments, the ELD can obtain GPS location data (e.g., instances ofthe GPS location data 136A-N) via a GPS receiver unit (e.g., the GPSreceiver unit 131) that receives GPS signals, such as the authentic GPSsignals 106A-N and/or the GPS spoofing signals 109A-N. In someembodiments, the LPWA device 120 can obtain or otherwise generateinstances of independent location data (e.g., any of the independentlocation data 125A-N) via a narrow band path of a low-power wide areanetwork, such as via the communication path 1 that communicativelycouples the LPWA device 120 to the LPWAN 152 using LPWA radio protocols.In various embodiments, the ELD 130 can maintain an hours of servicerecord (e.g., the HOS record 134) that tracks movement of a mobiletransportation equipment (e.g., the MTE 110) based on GPS location data(e.g., the GPS location data 136A-N that is obtained based on receivingGPS signals).

From operation 302, the method 300 can proceed to operation 304, wherethe spoofing detection service 174 can obtain the MTE location datarecord 164 that corresponds with the MTE 110, where the MTE locationdata record 164 can be obtained from the GMLC 162.

From operation 304, the method 300 can proceed to operation 306, wherethe spoofing detection service 174 can extract the GPS location data136A-N from the GPS location measurement set 176 corresponding to theELD 130. In various embodiments, the spoofing detection service 174 alsocan extract the independent location data 125A-N from the non-GPS-basedlocation measurement set 178 corresponding to the LPWA device 120.

In some embodiments, from operation 306, the method 300 may proceed tooperation 308, where the spoofing detection service 174 can confirm thatthe independent location data 125A-N includes an instance of the mobileterminal location response data 126, which is received via a narrow bandpath from the LPWAN 152. In some embodiments, the independent locationdata 125A-N includes an instance of the mobile terminal locationresponse data 126 that is joined to the local device sensor measurements127.

In some embodiments, the method 300 may proceed from operation 306and/or operation 308 to operation 310, where the spoofing detectionservice 174 can determine whether a spatio-temporal misalignment (e.g.,the spatio-temporal misalignment 203 discussed with respect to FIG. 2)exists between the independent location data 125A-N and the GPS locationdata 136A-N for the MTE 110.

In some embodiments, if the spoofing detection service 174 determinesthat a spatio-temporal misalignment does not exist, then the method 300may proceed along the NO path from operation 310 to operation 312. Atoperation 312, the spoofing detection service 174 can monitor the MTElocation data records 164 for incoming instances of the independentlocation data 125A-N, which may be provided to the GMLC 162 at themeasurement period (e.g., the measurement period 179 corresponding tothe non-GPS-based location measurement set 178). From operation 312, themethod 300 may proceed to operation 304, where one or more aspects ofthe method 300 may be performed at the next time instance.

Returning to operation 310, in some embodiments, the spoofing detectionservice 174 may determine that a spatio-temporal misalignment existsbetween the independent location data 125A-N and the GPS location data136A-N for the MTE 110. If a spatio-temporal misalignment is detected,the method 300 may proceed along the YES path from operation 310 tooperation 314.

At operation 314, the spoofing detection service 174 can providespatio-temporal data alignment 202 that generates an instance of the ELDestimates 180 and an instance of the LPWA device estimates 182. The ELDestimates 180 and the LPWA device estimates 182 may be generated basedon application of a filter (e.g., a Kalman filter and/or an enhancedKalman filter) to the GPS location data 136A-N and the independentlocation data 125A-N, respectively. The method 300 may proceed tooperation 316, which is illustrated in FIG. 3B.

At operation 316, the method 300 can include determining whether aninstance of the GPS spoofing attack 107 has occurred. In variousembodiments, the spoofing detection service 174 can determine whetherthe GPS spoofing attack 107 has occurred based on the ELD estimates 180and the LPWA device estimates 182. Further discussion of thespatio-temporal misalignment 203 and detection of the GPS spoofingattack 107 is provided below with respect to FIG. 4A. In someembodiments, the spoofing detection service 174 may determine that aninstance of the GPS spoofing attack 107 has not occurred, and thereforethe method 300 may proceed from operation 316 to operation 318, wherethe spoofing detection service 174 can set an instance of the GPSspoofing flag 184 to indicate that the GPS spoofing attack 107 has notoccurred. The GPS spoofing flag 184 can be recorded with the MTElocation data record 164 for the time instance under analysis. In someembodiments, the method 300 may proceed from operation 318 to operation312 discussed above.

Returning to operation 316, in some embodiments, the spoofing detectionservice 174 may determine that an instance of the GPS spoofing attack107 has occurred. In various embodiments, the spoofing detection service174 can determine that the GPS spoofing attack 174 has occurred inresponse to determining that the LPWA device estimates 240 coincidewith, or otherwise may accurately represent, the actual location 192 ofthe MTE 110 instead of the ELD estimates 230 which were derived orotherwise determined from GPS-based information provided by the ELD 130(e.g., the GPS location data 212). Therefore, in various embodiments, inresponse to the spoofing detection service 174 determining that the GPSspoofing attack 107 has, and/or may have, occurred, then the method 300may proceed along the YES path to operation 320, where the spoofingdetection service 174 can set or otherwise configure the GPS spoofingflag 184 to indicate that the GPS spoofing attack 107 has occurred.

In some embodiments, the method 300 may proceed from operation 320 tooperation 324, which will be discussed below in further detail. In someembodiments, from operation 320, the method 300 may proceed to operation322, where the spoofing detection service 174 can set an instance of theGPS spoofing flag 184 to indicate that an instance of the GPS spoofingattack 107 has occurred. In some embodiments, the method 300 may proceedfrom operation 320 to operation 324, which will be discussed below. Insome embodiments, the method 300 may proceed from operation 320 tooperation 322.

At operation 322, the spoofing detection service 174 can detect whetherthe off-duty driving mode 115B was activated on the MTE 110 during thetime instance corresponding to the GPS spoofing attack 107. The off-dutydriving mode 115B may be indicated in the MTE location data record 164.In some embodiments, if the spoofing detection service 174 detects thatan off-duty driving mode was not activated on the MTE 110 (e.g., bydetecting that the active driving mode 115A was activated) then themethod 300 may proceed along the NO path to operation 324, where thespoofing detection service 174 can create an instance of the GPSspoofing alert 185 for the MTE 110 so as to indicate that the GPSspoofing attack 107 has occurred. In some embodiments, the method 300may proceed from operation 324 to operation 334 and/or operation 328.For clarity purposes, a discussion of operation 328 will be providedfirst, followed by a discussion of the operation 334.

Returning to operation 322, if the spoofing detection service 174determines that the off-duty driving mode 115B was activated, then themethod 300 may proceed along the YES path to operation 326, where thespoofing detection service 174 can obtain an instance of the LOCP 189corresponding to the MTE 110. In various embodiments, the LOCP 189 canindicate an allowable deviation distance that the MTE 110 is permittedto travel from the actual location 192 before an instance of the GPSspoofing alert 185 is recorded, presented, and/or provided to the MTE110, the GMLC 162, and/or another device.

From operation 326, the method 300 may proceed to operation 328, wherethe spoofing detection service 174 can determine whether the deviationdistance 194 exceeds the allowable deviation distance as defined by theLOCP 189. If the deviation distance 194 does not exceed the LOCP 189,then the method 300 may proceed along the NO path from operation 328 tooperation 330, where the spoofing detection service 174 may withhold aninstance of the GPS spoofing alert 185 from being provided to the ELD130 of the MTE 110 and/or to the GMLC 162 until the deviation distance194 exceeds the allowable deviation distance defined by the LOCP 189.From operation 330, the method 300 can return to operation 328 foradditional monitoring the deviation distance 194.

Returning to operation 328, in response to determining that thedeviation distance exceeds the allowable deviation distance provided bythe LOCP 189, the method 300 may proceed along the YES path fromoperation 328 to operation 332, where the spoofing detection service cangenerate an hours of service correction command, such as an instance ofthe correction command 188. In various embodiments, the correctioncommand 188 can instruct the ELD 130 to update an hours of service log,such as the HOS record 134, with corrected route data and spoofing timeidentifiers corresponding to the spoofing attack, such as the correctedroute data 187 and the spoofing time identifiers 186 corresponding tothe GPS spoofing attack 107.

From operation 332, the method 300 may proceed to operation 334, wherethe spoofing detection service 174 can generate an instance of thecorrected route data 187 that represents the actual location 192 of theMTE 110 during the GPS spoofing attack 107. In some embodiments,generation of the corrected route data 187 may occur in response todetermining that the deviation distance 194 exceeds the allowabledeviation distance provided by the LOCP 189.

From operation 334, the method 300 may proceed to operation 336, wherethe method 300 may end. It should be understood that the examplesprovided are for illustration purposes only, and therefore should not beconstrued as limiting in any way.

Turning now to FIG. 4A, the method 400 for providing spatio-temporaldata alignment is disclosed, according to an illustrative embodiment isdisclosed, according to an illustrative embodiment. In variousembodiments, one or more operations discussed herein may be performed bythe spoofing detection service 174 on one or more instance of thenetwork server 170. In some embodiments, one or more operations of themethod 400 can begin at operation 402, where the spoofing detectionservice 174 can obtain confidence parameters, such as the maximumconfidence parameter 208 and the intermediate confidence parameter 210.From operation 402, the method 400 may proceed to operation 404, wherethe spoofing detection service 174 can determine a scheduled detectiontime instant has occurred, such as whether the measurement period 179for the LPWA device 120 has elapsed, thereby indicating that incominglocation data from the LPWA device 120 and the ELD 130 may be available.In some embodiments, if the scheduled detection time instant has not yetoccurred, the method 400 may proceed along the NO path, where theoperation 404 may be repeated. In some embodiments, if the scheduleddetection time instance is occurring, then the method 400 may proceedalong the YES path to operation 406, where the spoofing detectionservice 174 can identify instances of position and variance data foreach of the ELD 130 and the LPWA device 120, such as the ELD GPS-basedposition data 214 and the ELD GPS-based position variance 216(corresponding to the GPS location data 212) for the ELD 130, and thenon-GPS-based position data 224 and the non-GPS-based position variance226 (corresponding to the independent location data 222) for the LPWAdevice 120.

From operation 406, the method 400 may proceed to operation 408, wherethe Kalman filter engine 204 of the spoofing detection service 174 mayapply a filter (e.g., a Kalman filter and/or an enhanced Kalman filter)to the instances of position and variance data for the ELD 130 and theLPWA device 120. In various embodiments, application of the Kalmanfilter and/or the enhanced Kalman filter can cause the Kalman filterengine 204 to generate the ELD estimates 230 and the LPWA deviceestimates 240, which are discussed below.

From operation 408, the method 400 may proceed to one or more of theoperation 410 and/or the operation 414, where the operation 410 and theoperation 414 may be performed sequentially and/or concurrently. Forclarity purposes, a discussion of the method 400 proceeding to theoperation 410 will be provided first. At operation 410, the spoofingdetection service 174 can generate GPS-based confidence ellipsoid setsfor location and velocity corresponding to the intermediate confidencelevel 210A for the ELD 130 (e.g., the E_(1,INT)(t) 236 and theV_(1,INT)(t) 237). From operation 410, the method 400 may proceed tooperation 412, where the spoofing detection service 174 can generatenon-GPS-based confidence ellipsoid sets for location and velocitycorresponding to the intermediate confidence level 210A for the LPWAdevice 120 (e.g., the E_(2,INT)(t) 246 and the V_(2,INT)(t) 247). Fromoperation 412, the method 400 may proceed to operation 414, where thespoofing detection service 174 can generate GPS-based confidenceellipsoid sets for location and velocity corresponding to the maximumconfidence level 208A for the ELD 130 (e.g., the E_(1,MAX)(t) 234 andthe V_(1,MAX)(t) 235). From operation 414, the method 400 may proceed tooperation 416, where the spoofing detection service 174 can generatenon-GPS-based confidence ellipsoid sets for location and velocitycorresponding to the maximum confidence level 208A for the LPWA device120 (e.g., the E_(2,MAX)(t) and the V_(2,MAX)(t) 245). From operation416, the method 400 may proceed to operation 418.

In various embodiments, at operation 418, the spoofing detection service174 may determine whether intersections between various confidenceellipsoid sets have occurred or have not occurred. Specifically, thespoofing detection service 174 can determine if the E_(1,INT)(t) 236does not intersect the E_(2,INT)(t) 246, or if the V_(1,INT)(t) 237 doesnot intersect the V_(2,INT)(t) 247. If the spoofing detection service174 determines that there exists no intersection between E_(1,INT)(t)236 and the E_(2,INT)(t) 246, or there is no intersection between theV_(1,INT)(t) 237 and the V_(2,INT)(t) 247, then a GPS spoofing attackmay have occurred, or has occurred, and thus the method 400 may proceedalong the YES path. In some embodiments, the method 400 may proceedalong the YES path to operation 420 for further verification of theexistence of a GPS spoofing attack. In various embodiments, if eitherthe E_(1,INT)(t) 236 does not intersect the E_(2,INT)(t) 246 or theV_(1,INT)(t) 237 does not intersect the V_(2,INT)(t) 247, then themethod 400 may proceed along the YES path from operation 418 tooperation 420. In some embodiments, the method 400 may proceed along theYES path from operation 418 to operation 424, which is discussed below.Returning to operation 418, in various embodiments, if the spoofingdetection service 174 determines that the E_(1,INT)(t) 236 intersectsthe E_(2,INT)(t) 246, and that the V_(1,INT)(t) 237 intersects theV_(2,INT)(t) 247, then a GPS spoofing attack may not have, or has not,occurred, and thus the method 400 may proceed along the NO path fromoperation 418 to operation 422, which will be discussed in furtherdetail below. For clarity purposes, a discussion of operation 420 willbe provided first, followed by a discussion of operation 422.

At operation 420, the spoofing detection service 174 can determinewhether an intersection of the confidence ellipsoid sets at the maximumconfidence level has occurred or has not occurred. Specifically, if thespoofing detection service 174 determines that the E_(1,MAX)(t) 234intersects the E_(2,MAX)(t) 244 and that the V_(1,MAX)(t) 235 intersectsthe V_(2,MAX)(t) 245, then the ELD estimates 230 and the LPWA deviceestimates 240 both coincide with (or otherwise represent) the actuallocation 192, and therefore a GPS spoofing attack has not occurred(i.e., the existence of a GPS spoofing attack is not and/or has not beendetected), which in turn can indicate that an instance of the GPSlocation data under analysis is reliable or otherwise accurate. As such,if the spoofing detection service 174 determines that the E_(1,MAX)(t)234 intersects the E_(2,MAX)(t) 244 and that the V_(1,MAX)(t) 235intersects the V_(2,MAX)(t) 245, then the method 400 may proceed alongthe NO path from operation 420 to operation 422.

At operation 422, the spoofing detection service 174 can set an instanceof the GPS spoofing flag 184 to indicate that the GPS spoofing attack107 has not occurred. From operation 422, the method 400 may proceed tooperation 426, where the method 400 may end.

Returning to operation 420, if the spoofing detection service 174determines that the E_(1,MAX)(t) 234 does not intersect E_(2,MAX)(t) 244or that the V_(1,MAX)(t) 235 does not intersect V_(2,MAX)(t) 245, then adeviation distance exists (e.g., the deviation distance 194) and theLPWA device estimates 240 coincide with (or are very likely to coincidewith or otherwise represent) the actual location 192 of the MTE 110,while the ELD estimates 230 coincide with (or are very likely tocoincide with or otherwise represent) the spoofed location 107A, andtherefore the method 400 may proceed along the YES path from operation420 to operation 424. At operation 424, the spoofing detection service174 can set an instance of the GPS spoofing flag 184 to indicate thatthe GPS spoofing attack 107 has occurred. From operation 424, the method400 may proceed to operation 426, where the method 400 may end.

Turning now to FIG. 4B, the method 450 for global positioning systemspoofing countermeasures is disclosed, according to an illustrativeembodiment is disclosed, according to an illustrative embodiment. Invarious embodiments, one or more operations discussed herein may beperformed by a low-power wide area device, such as an instance of theLPWA device 120. In some embodiments, one or more operations discussedherein may be performed by an instance of the ELD 130 and/or anothercomponent of the MTE 110, such as an instance of the TCU 116. In someembodiments, the method 450 can begin at operation 452, where the LPWAdevice 120 can generate a mobile terminal location request, such as aninstance of the mobile terminal location request 142. The LPWA device120 may configure one or more of the quality of service parameters 144.The mobile terminal location request 142 may be generated by the LPWAdevice 120 in order to obtain information about the current location ofthe LPWA device 120 as seen or otherwise detected by a network, such asthe LPWAN 152 and/or the RAN 154. In some embodiments, an instance ofthe mobile terminal location request 142 may be generated according to asampling rate 124 that is less than the sampling rate 132 of the ELD130.

From operation 452, the method 450 may proceed to operation 454, wherethe LPWA device 120 can provide the mobile terminal location request 142to the E-SMLC 158 via a narrow band path, such as illustrated by thecommunication path 1. In various embodiments, the mobile terminallocation request 142 can be addressed or otherwise directed to theE-SMLC 158, and therefore may be relayed from the LPWAN 152 to acomponent of the RAN 154 that supports the E-SMLC 158, such as thenetwork access point 156. In some embodiments, the narrow band path cancorrespond with a communication path that is used by a mobile Internetof Things device (which may also be referred to as a cellular Internetof Things device).

From operation 454, the method 450 may proceed to operation 456, wherethe LPWA device 120 may receive a response from the E-SMLC 158, such asan instance of the mobile terminal location response 146. The mobileterminal location response 146 can include an instance of the mobileterminal location response data 126, such as discussed with respect toFIG. 1. It is understood that the mobile terminal location response data126 does not include GPS-based location information, and therefore themobile terminal location response data 126 does not directly, orindirectly rely on GPS signals to provide an independent locationdetermination.

From operation 456, the method 450 may proceed to operation 458, wherethe LPWA device 120 may obtain an instance of the local device sensormeasurements 127 from the local device sensor 123, which in someembodiments, can correspond to a barometric pressure sensor and/or analtimeter. The local device sensor measurements 127 do not includeGPS-based information (i.e., information obtained using GPS signals).

From operation 458, the method 450 may proceed to operation 460, wherethe LPWA device 120 can create an instance of independent location data,such as any instance from the independent location data 125A-N. Forexample, the LPWA device 120 may join the mobile terminal locationresponse data 126 to the local device sensor measurements 127 so as tocreate an instance of the independent location data 125A-N.

From operation 460, the method 450 may proceed to operation 462, wherethe LPWA device 120 can report or otherwise provide the instance of theindependent location data 125A-N to the GMLC 162. In some embodiments,the instance of the independent location data 125A-N may be providedalong the communication path 1, which is configured to provide a narrowband path. As such, the LPWA device 120 can extend the communicationrange of the MTE 110 so that the independent location data 125A-N can besent to the GMLC 162 even when the MTE 110 is out of range forcommunications using a broad band path, such as may be provided by thecommunication path 2.

From operation 462, the method 450 may proceed to operation 464, wherethe LPWA device 120 can detect whether an instance of the GPS spoofingattack 107 has occurred, such as by the LPWA device 120 receiving aninstance of the GPS spoofing alert 185. In some embodiments, if aninstance of the GPS spoofing attack 107 has not occurred, and thus theLPWA device 120 does not receive an instance of the GPS spoofing alert185, then the method 450 may proceed along the NO path to operation 452discussed above, where one or more operations may be implemented for thenext time instance. In some embodiments, the LPWA device 120 may monitorfor incoming instances of the GPS spoofing alert 185 while one or moreof the operations discussed herein is being performed.

Returning to operation 464, if the LPWA device 120 detects that aninstance of the GPS spoofing attack 107 has occurred, such as by theLPWA device 120 receiving an instance of the GPS spoofing alert 185,then the method 450 may proceed along the YES path to operation 466,where the LPWA device may extract an instance of the corrected routedata 187 that provided information as to the actual location 192 of theMTE 110 and the ELD 130.

From operation 466, the method 450 may proceed to operation 468, wherethe LPWA device 120 may identify and analyze an instance of thecorrection command 188 that is included in the GPS spoofing alert 185,and in turn can update the correction log 128 of the LPWA device 120based on the correction command 188. The correction log 128 can includea listing of various occurrences and instances of GPS spoofing attacksthat have occurred for a particular ELD, such as the ELD 130, and/or adriver associated with the MTE 110. In various embodiments, thecorrection command 188 may instruct the LPWA device 120 to instantiate,or otherwise provide, the corrected route data 187 to the ELD 130.

From operation 468, the method 450 may proceed to operation 470, wherethe LPWA device 120 can instantiate, and/or instruct the ELD 130 toinstantiate, the corrected route data 187 in the HOS record 134 of theELD 130 so as to provide a record of the actual location 192 of the MTE110 at the time of the GPS spoofing attack 107. The corrected route data187 may supplement the HOS record 134, and therefore can preserve theerroneous location data that was generated by the ELD 130 based on theGPS spoofing signals 109A-N.

From operation 470, the method 450 may proceed to operation 472, wherethe method 450 may end.

Turning now to FIG. 5, a discussion of a network 500 is illustrated,according to an illustrative embodiment. In some embodiments, aspects ofthe network 150, the LPWAN 152, and/or the RAN 154 shown in FIG. 1 canbe configured substantially similar to include at least some of theelements of the network 500. The network 500 can include a cellularnetwork 502, a packet data network 504, for example, the Internet, and acircuit switched network 506, for example, a publicly switched telephonenetwork (“PSTN”). The cellular network 502 includes various componentssuch as, but not limited to, base transceiver stations (“BTSs”),node-B's (“NBs”), e-Node-B's (“eNBs”), g-Node-B's (“gNBs”), base stationcontrollers (“BSCs”), radio network controllers (“RNCs”), mobileswitching centers (“MSCs”), mobile management entities (“MMEs”), shortmessage service centers (“SMSCs”), multimedia messaging service centers(“MMSCs”), home location registers (“HLRs”), home subscriber servers(“HSSs”), visitor location registers (“VLRs”), charging platforms,billing platforms, voicemail platforms, GPRS core network components,location service nodes, an IP Multimedia Subsystem (“IMS”), 5G corecomponents, 5G New Radio (“NR”) components, functions, applications, andthe like. The cellular network 502 also includes radios and nodes forreceiving and transmitting voice, data, and combinations thereof to andfrom radio transceivers, networks, the packet data network 504, and thecircuit switched network 506.

A mobile communications device 508, such as, for example, a cellulartelephone, a user equipment, a mobile terminal, a PDA, a laptopcomputer, a handheld computer, and combinations thereof, can beoperatively connected to the cellular network 502. The cellular network502 can be configured as a 2G GSM network and can provide datacommunications via GPRS and/or EDGE. Additionally, or alternatively, thecellular network 502 can be configured as a 3G UMTS network and canprovide data communications via the HSPA protocol family, for example,HSDPA, EUL (also referred to as HSUPA), and HSPA+. The cellular network502 also can be compatible with, and/or otherwise configured toimplement and support, mobile communications standards such as but notlimited to 4G, LTE, LTE Advanced, and/or 5G NR, as well as evolved andfuture mobile standards.

The packet data network 504 includes various devices, for example,servers, computers, databases, and other devices in communication withone another, as is generally understood. The packet data network 504devices are accessible via one or more network links. The servers oftenstore various files that are provided to a requesting device such as,for example, a computer, a terminal, a smartphone, or the like.Typically, the requesting device includes software (a “browser”) forexecuting a web page in a format readable by the browser or othersoftware. Other files and/or data may be accessible via “links” and/or“pointers” in the retrieved files, as is generally understood. In someembodiments, the packet data network 504 includes or is in communicationwith the Internet. The circuit switched network 506 includes varioushardware and software for providing circuit switched communications. Thecircuit switched network 506 may include, or may be, what is oftenreferred to as a plain old telephone system (POTS). The functionality ofa circuit switched network 506 or other circuit-switched network aregenerally known and will not be described herein in detail.

The illustrated cellular network 502 is shown in communication with thepacket data network 504 and a circuit switched network 506, though itshould be appreciated that this is not necessarily the case. One or moreInternet-capable devices 510, for example, a PC, a laptop, a portabledevice, or another suitable device, can communicate with one or morecellular networks 502, and devices connected thereto, through the packetdata network 504. It also should be appreciated that theInternet-capable device 510 can communicate with the packet data network504 through the circuit switched network 506, the cellular network 502,and/or via other networks (not illustrated).

As illustrated, a communications device 512, for example, a telephone,facsimile machine, modem, computer, or the like, can be in communicationwith the circuit switched network 506, and therethrough to the packetdata network 504 and/or the cellular network 502. It should beappreciated that the communications device 512 can be anInternet-capable device, and can be substantially similar to theInternet-capable device 510. In some embodiments, the mobilecommunications device 508, the Internet-capable device 510, and/or thecommunication device 512 can correspond with one or more computersystems, devices, and/or equipment discussed with respect to FIG. 1,such as but not limited to the MTE 110 and/or the network server 170. Inthe specification, the network 150 and/or the network 500 can referbroadly to, in some embodiments, any combination of the networks 502,504, 506. It should be appreciated that substantially all of thefunctionality described with reference to the network 150, the RAN 154,and/or the network 500 can, in some embodiments, be performed by thecellular network 502, the packet data network 504, and/or the circuitswitched network 506, alone or in combination with other networks,network elements, and the like.

FIG. 6 is a block diagram illustrating a computer system 600 can beconfigured to provide the functionality described herein related towireless power transfer network management, in accordance with variousembodiments of the concepts and technologies disclosed herein. In someembodiments, at least a portion of one or more of the MTE 110, thenetwork server 170, the network access point 156, and/or othercomponents of the operating environment 100 illustrated and describedherein can be configured as and/or can have an architecture similar oridentical to the computer system 600. The computer system 600 includes aprocessing unit 602, a memory 604, one or more user interface devices606, one or more input/output (“I/O”) devices 608, and one or morenetwork devices 610, each of which is operatively connected to a systembus 612. The system bus 612 enables bi-directional communication betweenthe processing unit 602, the memory 604, the user interface devices 606,the I/O devices 608, and the network communication devices 610. In someembodiments, the processor 111 and/or the processor 171 can beconfigured at least similar to the processing unit 602. In someembodiments, one or more instances of the processing unit 602 can beimplemented within one or more devices and/or components of theoperating environment 100, such as but not limited to one or more of theMTE 110, the LPWA device 120, the ELD 130, the network access point 156,and/or the network server 170. In some embodiments, one or moreinstances of the memory 604 can be implemented within one or moredevices and/or components of the operating environment 100, such as butnot limited to one or more of the MTE 110, the LPWA device 120, the ELD130, the network access point 156, and/or the network server 170. Invarious embodiments, one or more aspects of the network server 170 canbe included within the computer system 600.

The processing unit 602 may be a standard central processor thatperforms arithmetic and logical operations, a more specific purposeprogrammable logic controller (“PLC”), a programmable gate array, orother type of processor known to those skilled in the art and suitablefor controlling the operation of the server computer. As used herein,the word “processor” and/or the phrase “processing unit” when used withregard to any architecture or system can include multiple processors orprocessing units distributed across and/or operating in sequence and/orparallel in a single machine or in multiple machines. Furthermore,processors and/or processing units can be used to support virtualprocessing environments. Processors and processing units also caninclude state machines, application-specific integrated circuits(“ASICs”), combinations thereof, or the like. As used herein, the phrase“processing unit” may be referred to as a “processor.” The processingunit 602 can include one or more central processing units (“CPUs”)configured with one or more processing cores. The processing unit 602can include one or more graphics processing unit (“GPU”) configured toaccelerate operations performed by one or more CPUs, and/or to performcomputations to process data, and/or to execute computer-executableinstructions of one or more application programs, operating systems,and/or other software that may or may not include instructionsparticular to graphics computations. In some embodiments, the processingunit 602 can include one or more discrete GPUs. In some otherembodiments, the processing unit 602 can include CPU and GPU componentsthat are configured in accordance with a co-processing CPU/GPU computingmodel, wherein the sequential part of an application executes on the CPUand the computationally-intensive part is accelerated by the GPU. Theprocessing unit 602 can include one or more system-on-chip (“SoC”)components along with one or more other components including, forexample, a memory, a communication component, or some combinationthereof. In various embodiments, an instance of a processor (e.g., theprocessing unit 602) can be and/or can include one or more SNAPDRAGONSoCs, a cellular V2X (“C-V2X”) chipset, and/or another architectureavailable from QUALCOMM of San Diego, Calif.; one or more TEGRA SoCsand/or another architecture available from NVIDIA of Santa Clara,Calif.; one or more HUMMINGBIRD SoCs and/or another architectureavailable from SAMSUNG of Seoul, South Korea; one or more OpenMultimedia Application Platform (“OMAP”) SoCs and/or anotherarchitecture available from TEXAS INSTRUMENTS of Dallas, Tex.; one ormore customized versions of any of the above SoCs; and/or one or moreproprietary SoCs and/or proprietary circuitry capable of supporting V2Xcommunication processing. In various embodiments, an instance of aprocessor (e.g., the processing unit 602) can be and/or can include oneor more hardware components architected in accordance with an ARMarchitecture, available for license from ARM HOLDINGS of Cambridge,United Kingdom. Alternatively (or additionally), an instance of aprocessor (e.g., the processing unit 602) can be or can include one ormore hardware components architected in accordance with an x86architecture, such as an architecture available from INTEL CORPORATIONof Mountain View, Calif., and others. Those skilled in the technologywill appreciate that the implementation of a processor (e.g., theprocessing unit 602) can utilize various computation architectures, andas such, a processor (e.g., the processing unit 602) should not beconstrued as being limited to any particular computation architecture orcombination of computation architectures, including those explicitlydisclosed herein. Because processors and/or processing units aregenerally known to one of ordinary skill, the processors and processingunits disclosed and discussed herein will not be described in furtherdetail herein.

The memory 604 communicates with the processing unit 602 via the systembus 612. In embodiments, the memory 112 and/or the memory 172 can beconfigured at least similar to the memory 604. In some embodiments, thememory 604 is operatively connected to a memory controller (not shown)that enables communication with the processing unit 602 via the systembus 612. The memory 604 includes an operating system 614 and one or moreprogram modules 616. The operating system 614 can include, but is notlimited to, members of the WINDOWS, WINDOWS CE, and/or WINDOWS MOBILEfamilies of operating systems from MICROSOFT CORPORATION, the LINUXfamily of operating systems, the SYMBIAN family of operating systemsfrom SYMBIAN LIMITED, the BREW family of operating systems from QUALCOMMCORPORATION, the MAC OS, iOS, and/or LEOPARD families of operatingsystems from APPLE CORPORATION, the FREEBSD family of operating systems,the SOLARIS family of operating systems from ORACLE CORPORATION, otheroperating systems, and the like.

The program modules 616 may include various software, program modules,or other computer readable and/or executable instructions that configurehardware resources of the computer system 600, such as but not limitedto the processing unit 602 described herein. In some embodiments, forexample, the program modules 616 can include the spoofing detectionservice 174, and/or other computer-readable instructions. These and/orother programs can be embodied in computer-executable instructions that,when executed by the processing unit 602, can facilitate performance ofone or more of the methods 300, 400, and/or 450 described in detailabove with respect to FIGS. 3A, 3B, 4A, and 4B. According to someembodiments, the program modules 616 may be embodied in hardware,software, firmware, or any combination thereof. It should be understoodthat the memory 604 also can be configured to store one or more instanceof information and data discussed with respect to FIGS. 1, 2, 3A, 3B,4A, and 4B, such as but not limited to the spatio-temporal dataalignment 202, the GPS-based measurement messages 140, the mobileterminal location request 142, the mobile terminal location response146, the ELD estimates 180, the LPWA device estimates 182, theindependent location data 125A-N, the mobile terminal location responsedata 126, the local device sensor measurements 127, the GPS spoofingalert 185, the GPS spoofing flag 184, the spoofing time identifiers 186,the corrected route data 187, the correction command 188, the LOCP 189,the correction message 190, the GPS location data 136A-N, and/or otherdata, if desired.

By way of example, and not limitation, computer-readable media mayinclude any available computer storage media or communication media thatcan be accessed by the computer system 600. Communication media includescomputer-readable instructions, data structures, program modules, orother data in a modulated data signal such as a carrier wave or othertransport mechanism and includes any delivery media. The term “modulateddata signal” means a signal that has one or more of its characteristicschanged or set in a manner as to encode information in the signal. Byway of example, and not limitation, communication media includes wiredmedia such as a wired network or direct-wired connection, and wirelessmedia such as acoustic, RF, infrared and other wireless media.Combinations of the any of the above should also be included within thescope of computer-readable media.

Computer storage media includes volatile and non-volatile, removable andnon-removable media implemented in any method or technology for storageof information such as computer-readable instructions, data structures,program modules, or other data. Computer storage media includes, but isnot limited to, RAM, ROM, Erasable Programmable ROM (“EPROM”),Electrically Erasable Programmable ROM (“EEPROM”), flash memory or othersolid state memory technology, CD-ROM, digital versatile disks (“DVD”),or other optical storage, magnetic cassettes, magnetic tape, magneticdisk storage or other magnetic storage devices, or any other mediumwhich can be used to store the desired information and which can beaccessed by the computer system 600. In the claims, the phrases“memory,” “computer storage medium” and variations thereof does notinclude waves or signals per se and/or communication media.

The user interface devices 606 may include one or more devices withwhich a user accesses the computer system 600. The user interfacedevices 606 may include, but are not limited to, computers, servers,personal digital assistants, cellular phones, or any suitable computingdevices that can communicate with the computer system 600. The I/Odevices 608 enable a user to interface with the program modules 616. Inone embodiment, the I/O devices 608 are operatively connected to an I/Ocontroller (not shown) that enables communication with the processingunit 602 via the system bus 612. The I/O devices 608 may include one ormore input devices, such as, but not limited to, a keyboard, a mouse, oran electronic stylus. Further, the I/O devices 608 may include one ormore output devices, such as, but not limited to, a display screen or aprinter.

The network communication devices 610 enable the computer system 600 tocommunicate with other networks or remote systems via a network, such asnetwork 618. Examples of network communication devices 610 include, butare not limited to, a modem, a radio frequency (“RF”) transceiver and/orinfrared (“IR”) transceiver, a telephonic interface, a bridge, a router,or a network card. The network 618 may include a wireless network suchas, but not limited to, a Wireless Local Area Network (“WLAN”) such as aWI-FI network, a Wireless Wide Area Network (“WWAN”), a WirelessPersonal Area Network (“WPAN”) such as BLUETOOTH, a WirelessMetropolitan Area Network (“WMAN”) such a WiMAX network, or a cellularnetwork. Alternatively, the network 618 may be a wired network such as,but not limited to, a Wide Area Network (“WAN”) such as the Internet, aLocal Area Network (“LAN”) such as the Ethernet, a wired Personal AreaNetwork (“PAN”), or a wired Metropolitan Area Network (“MAN”). In someembodiments, the network 618 may include one or more aspects of thenetwork 500, discussed above. It should be understood that the examplesprovided are for illustration purposes only, and therefore should not beconstrued as limiting in any way.

Turning now to FIG. 7, an illustrative user equipment 700 and componentsthereof will be described. In some embodiments, the ELD 130, the LPWAdevice 120, and/or other devices illustrated and described herein can beconfigured as and/or can have an architecture similar or identical tothe user equipment 700 described herein in FIG. 7. It should beunderstood, however, that the various devices illustrated and describedherein may or may not include the functionality described herein withreference to FIG. 7. While connections are not shown between the variouscomponents illustrated in FIG. 7, it should be understood that some,none, or all of the components illustrated in FIG. 7 can be configuredto interact with one other to carry out various device functions. Insome embodiments, the components are arranged so as to communicate viaone or more busses (not shown). In various embodiments, aspects from oneor more the TCU 116, the head unit 114, the LPWA device 120, and/or theELD 130 can be configured or otherwise implemented in the user equipment700. As such, an instance of the MTE 110 may include one or more aspectsof the user equipment 700 discussed herein. Thus, it should beunderstood that FIG. 7 and the following description are intended toprovide a general understanding of a suitable environment in whichvarious aspects of embodiments can be implemented, and should not beconstrued as being limiting in any way.

As illustrated in FIG. 7, the user equipment 700 can include a display702 for presenting data and information. According to variousembodiments, the display 702 can be configured to present variousgraphical user interface (“GUI”) elements for presenting and/ormodifying information associated with audiovisual content, anaudiovisual content filter, presenting text, images, video, virtualkeypads and/or keyboards, messaging data, notification messages,metadata, internet content, device status, time, date, calendar data,device preferences, map and location data, combinations thereof, and/orthe like. The user equipment 700 also can include a processor 704 and amemory or other data storage device (“memory”) 706. The processor 704can be configured to process data and/or can execute computer-executableinstructions stored in the memory 706. The computer-executableinstructions executed by the processor 704 can include, for example, anoperating system 708, one or more applications 710 such as a displayapplication that can present various communications, messages, and/orother computer-executable instructions stored in a memory 706, or thelike. In some embodiments, the applications 710 also can include a UIapplication (not illustrated in FIG. 7) and/or vehicle softwareapplications that can execute on the head unit 114 and/or the TCU 116.

One or more applications and/or computer readable instructions caninterface with the operating system 708 to facilitate any of theoperations discussed herein and functionality for presenting contentand/or data stored at and/or received by the user equipment 700 and/orstored elsewhere. It is understood that one or more instances of theoperating system 708 may be included and operate within one or moresystems discussed with respect to the operating environment 100, such asbut not limited to the MTE 110 and/or the network server 170. In someembodiments, the operating system 708 can include a member of theSYMBIAN OS family of operating systems from SYMBIAN LIMITED, a member ofthe WINDOWS MOBILE OS and/or WINDOWS PHONE OS families of operatingsystems from MICROSOFT CORPORATION, a member of the PALM WEBOS family ofoperating systems from HEWLETT PACKARD CORPORATION, a member of theBLACKBERRY OS family of operating systems from RESEARCH IN MOTIONLIMITED, a member of the IOS family of operating systems from APPLEINC., a member of the ANDROID OS family of operating systems from GOOGLEINC., and/or other operating systems. These operating systems are merelyillustrative of some contemplated operating systems that may be used inaccordance with various embodiments of the concepts and technologiesdescribed herein and therefore should not be construed as being limitingin any way.

An application can be executed by the processor 704 to aid a user inpresenting content, interacting with the LPWA device 120 and/or the ELD130, engaging with the spoofing detection service 174, presenting avarious communications, providing input or other information about theuser equipment 700, presenting an identifier, configuring settings,manipulating address book content and/or settings, multimodeinteraction, interacting with other applications 710, and otherwisefacilitating user interaction with the operating system 708, theapplications 710, and/or other types or instances of data 712 that canbe stored at the user equipment 700, such as stored by the memory 706.According to various embodiments, the data 712 can include, for example,instances of the HOS record 134, the GPS location data 136A-N, the GPSmeasurements 138, the independent location data 125A-N, the mobileterminal location response data 126, the local device sensormeasurements 127, the mobile terminal location request 142, the qualityof service parameters 144, the mobile terminal location response 146,the GPS-based measurement messages 140, any other elements discussedwith respect to FIGS. 1, 2, 3A, 3B, 4A, and 4B, presence applications,wireless power transfer information, visual voice mail applications,messaging applications, text-to-speech and speech-to-text applications,add-ons, plug-ins, email applications, music applications, videoapplications, camera applications, location-based service applications,power conservation applications, game applications, productivityapplications, entertainment applications, enterprise applications,combinations thereof, and the like. The applications 710, the data 712,and/or portions thereof can be stored in the memory 706 and/or in afirmware 714, and can be executed by the processor 704. The firmware 714also can store code for execution during device power up and power downoperations. It can be appreciated that the firmware 714 can be stored ina volatile or non-volatile data storage device including, but notlimited to, the memory 706 and/or a portion thereof.

The user equipment 700 also can include an input/output (“I/O”)interface 716. One or more instances of the I/O interface 716 can beincluded any system and/or device discussed in FIG. 1 (e.g., the TCU 116of the MTE 110). The I/O interface 716 can be configured to support theinput/output of data such as a message, communication, command, and/orinstruction, and/or any other information or elements discussed withrespect to FIGS. 1, 2, 3, and 4, user information, organizationinformation, presence status information, user IDs, passwords, andapplication initiation (start-up) requests. In some embodiments, the I/Ointerface 716 can include a hardwire connection such as a universalserial bus (“USB”) port, a mini-USB port, a micro-USB port, an audiojack, a PS2 port, an IEEE 1394 (“FIREWIRE”) port, a serial port, aparallel port, an Ethernet (RJ45) port, an RJ11 port, a proprietaryport, combinations thereof, or the like. In some embodiments, the userequipment 700 can be configured to synchronize with another device totransfer content to and/or from the user equipment 700. In someembodiments, the user equipment 700 can be configured to receive updatesto one or more of the applications 710 via the I/O interface 716, thoughthis is not necessarily the case. In some embodiments, the I/O interface716 accepts I/O devices such as keyboards, keypads, mice, interfacetethers, printers, plotters, external storage, touch/multi-touchscreens, touch pads, trackballs, joysticks, microphones, remote controldevices, displays, projectors, medical equipment (e.g., stethoscopes,heart monitors, and other health metric monitors), modems, routers,external power sources, docking stations, combinations thereof, and thelike. It should be appreciated that the I/O interface 716 may be usedfor communications between the user equipment 700 and a network deviceor local device.

The user equipment 700 also can include a communications component 718.The communications component 718 can be configured to interface with theprocessor 704 to facilitate wired and/or wireless communications withone or more networks (e.g., the LPWAN 152, the network 150, and/or theRAN 154) and/or a network device (e.g., the network access point 156and/or the network server 170) described herein. In some embodiments,other networks include networks that utilize non-cellular wirelesstechnologies such as WI-FI or WIMAX. In some embodiments, thecommunications component 718 includes a multimode communicationssubsystem for facilitating communications via the cellular network andone or more other networks. The communications component 718, in someembodiments, includes one or more transceivers. The one or moretransceivers, if included, can be configured to communicate over thesame and/or different wireless technology standards with respect to oneanother. For example, in some embodiments one or more of thetransceivers of the communications component 718 may be configured tocommunicate using GSM, CDMAONE, CDMA2000, LTE, and various other 2G,2.5G, 3G, 4G, LTE, LTE Advanced, 5G NR, and greater generationtechnology standards. Moreover, the communications component 718 mayfacilitate communications over various channel access methods (which mayor may not be used by the aforementioned standards) including, but notlimited to, TDMA, FDMA, W-CDMA, OFDMA, SDMA, and the like.

In addition, the communications component 718 may facilitate datacommunications using GPRS, EDGE, the HSPA protocol family includingHSDPA, EUL or otherwise termed HSUPA, HSPA+, and various other currentand future wireless data access standards. In the illustratedembodiment, the communications component 718 can include a firsttransceiver (“TxRx”) 720A that can operate in a first communicationsmode (e.g., GSM). The communications component 718 also can include anN^(th) transceiver (“TxRx”) 720N that can operate in a secondcommunications mode relative to the first transceiver 720A (e.g., UMTS).While two transceivers 720A-N (hereinafter collectively and/orgenerically referred to as “transceivers 720”) are shown in FIG. 7, itshould be appreciated that less than two, two, and/or more than twotransceivers 720 can be included in the communications component 718.

The communications component 718 also can include an alternativetransceiver (“Alt TxRx”) 722 for supporting other types and/or standardsof communications. According to various contemplated embodiments, thealternative transceiver 722 can communicate using various communicationstechnologies such as, for example, WI-FI, WIMAX, BLUETOOTH, infrared,infrared data association (“IRDA”), near field communications (“NFC”),other RF technologies, combinations thereof, and the like. In someembodiments, the communications component 718 also can facilitatereception from terrestrial radio networks, digital satellite radionetworks, internet-based radio service networks, combinations thereof,and the like. The communications component 718 can process data from anetwork such as the Internet, an intranet, a broadband network, a WI-FIhotspot, an Internet service provider (“ISP”), a digital subscriber line(“DSL”) provider, a broadband provider, combinations thereof, or thelike. In some embodiments, the communications component 718 can supportone or more communication modes, such as a direct transmission mode overa PC5 interface and/or the network transmission mode over a Uuinterface.

The user equipment 700 also can include one or more sensors 724. Thesensors 724 can include temperature sensors, light sensors, air qualitysensors, movement sensors, orientation sensors, noise sensors, proximitysensors, or the like. As such, it should be understood that the sensors724 can include, but are not limited to, accelerometers, magnetometers,gyroscopes, infrared sensors, noise sensors, microphones, combinationsthereof, or the like. Additionally, audio capabilities for the userequipment 700 may be provided by an audio I/O component 726. The audioI/O component 726 of the user equipment 700 can include one or morespeakers for the output of audio signals, one or more microphones forthe collection and/or input of audio signals, and/or other audio inputand/or output devices. In some embodiments, the audio I/O component 726may be included as a component of the display 702. For example, in someembodiments, the display 702 can provide and present visual imagesand/or audio input and/or audio output. In some embodiments, the I/Ointerface 716 can include direct communicative coupling with the display702 and/or the audio I/O component 726 so as to provide transfer andinput and/or output of visual images (e.g., from the display 702) and/oraudio clips (e.g., from the audio I/O component 726) to and/or from theuser equipment 700.

The illustrated user equipment 700 also can include a subscriberidentity module (“SIM”) system 728. The SIM system 728 can include auniversal SIM (“USIM”), a universal integrated circuit card (“UICC”)and/or other identity devices. The SIM system 728 can include and/or canbe connected to or inserted into an interface such as a slot interface730. In some embodiments, the slot interface 730 can be configured toaccept insertion of other identity cards or modules for accessingvarious types of networks. Additionally, or alternatively, the slotinterface 730 can be configured to accept multiple subscriber identitycards. Because other devices and/or modules for identifying users and/orthe user equipment 700 are contemplated, it should be understood thatthese embodiments are illustrative, and should not be construed as beinglimiting in any way.

The user equipment 700 also can include an image capture and processingsystem 732 (“image system”). The image system 732 can be configured tocapture or otherwise obtain photos, videos, and/or other visualinformation. As such, the image system 732 can include cameras, lenses,charge-coupled devices (“CCDs”), combinations thereof, or the like. Theuser equipment 700 may also include a video system 734. The video system734 can be configured to capture, process, record, modify, and/or storevideo content. Photos and videos obtained using the image system 732 andthe video system 734, respectively, may be added as message content toan MMS message, email message, and sent to another user equipment. Thevideo and/or photo content also can be shared with other devices viavarious types of data transfers via wired and/or wireless user equipmentas described herein.

The user equipment 700 also can include one or more location components736. The location components 736 can be configured to send and/orreceive signals to determine a geographic location of the user equipment700. According to various embodiments, the location components 736 cansend and/or receive signals from global positioning system (“GPS”)devices, assisted-GPS (“A-GPS”) devices, WI-FI/WIMAX and/or cellularnetwork triangulation data, combinations thereof, and the like. Thelocation component 736 also can be configured to communicate with thecommunications component 718 to retrieve triangulation data fordetermining a location of the user equipment 700. In some embodiments,the location component 736 can interface with cellular network nodes,telephone lines, satellites, location transmitters and/or beacons,wireless network transmitters and receivers, combinations thereof, andthe like. In some embodiments, the location component 736 can includeand/or can communicate with one or more of the sensors 724 such as acompass, an accelerometer, and/or a gyroscope to determine theorientation of the user equipment 700. Using the location component 736,the user equipment 700 can generate and/or receive data to identify itsgeographic location, or to transmit data used by other devices todetermine the location of the user equipment 700. The location component736 may include multiple components for determining the location and/ororientation of the user equipment 700.

The illustrated user equipment 700 also can include a power source 738.The power source 738 can include one or more batteries, power supplies,power cells, and/or other power subsystems including alternating current(“AC”) and/or direct current (“DC”) power devices. The power source 738also can interface with an external power system or charging equipmentvia a power I/O component 740. Because the user equipment 700 caninclude additional and/or alternative components, the above embodimentshould be understood as being illustrative of one possible operatingenvironment for various embodiments of the concepts and technologiesdescribed herein. The described embodiment of the user equipment 700 isillustrative, and therefore should not be construed as being limiting inany way.

Based on the foregoing, it should be appreciated that concepts andtechnologies directed to GPS spoofing detection and countermeasures havebeen disclosed herein. Although the subject matter presented herein hasbeen described in language specific to computer structural features,methodological and transformative acts, specific computing machinery,and computer-readable mediums, it is to be understood that the conceptsand technologies disclosed herein are not necessarily limited to thespecific features, acts, or mediums described herein. Rather, thespecific features, acts and mediums are disclosed as example forms ofimplementing the concepts and technologies disclosed herein.

The subject matter described above is provided by way of illustrationonly and should not be construed as limiting. Various modifications andchanges may be made to the subject matter described herein withoutfollowing the example embodiments and applications illustrated anddescribed, and without departing from the true spirit and scope of theembodiments of the concepts and technologies disclosed herein.

What is claimed is:
 1. A system comprising: a processor; and a memorythat stores computer-executable instructions that, in response toexecution by the processor, cause the processor to perform operationscomprising: identifying a mobile transportation equipment comprising anelectronic logging device and a low-power wide area device, wherein theelectronic logging device obtains global positioning system (GPS)location data from a GPS receiver unit and the low-power wide areadevice obtains independent location data via a narrow band path of alow-power wide area network, obtaining the GPS location data and theindependent location data, determining that a spatio-temporalmisalignment exists between the independent location data and the GPSlocation data for the mobile transportation equipment, providingspatio-temporal data alignment that generates electronic logging deviceestimates and low-power wide area device estimates, determining that aGPS spoofing attack has occurred based on the electronic logging deviceestimates and the low-power wide area device estimates, creating a GPSspoofing alert for the mobile transportation equipment, and generatingan hours of service correction command that includes the GPS spoofingalert, wherein the hours of service correction command instructs theelectronic logging device to update an hours of service log withcorrected route data and spoofing time identifiers corresponding to theGPS spoofing attack.
 2. The system of claim 1, wherein the independentlocation data includes mobile terminal location response data that isjoined to local data sensor measurements.
 3. The system of claim 1,wherein the electronic logging device maintains an hours of servicerecord that tracks movement of the mobile transportation equipment basedon the GPS location data.
 4. The system of claim 1, wherein theoperations further comprise: detecting that an off-duty driving mode wasactivated on the mobile transportation equipment; and obtaining alocation obfuscation constraint parameter that defines an allowabledeviation distance for the mobile transportation equipment.
 5. Thesystem of claim 4, wherein the operations further comprise in responseto determining that a deviation distance exceeds the allowable deviationdistance provided by the location obfuscation constraint parameter,generating the corrected route data representing an actual location ofthe mobile transportation equipment during the GPS spoofing attack. 6.The system of claim 4, wherein the operations further comprise inresponse to determining that a deviation distance does not exceed theallowable deviation distance provided by the location obfuscationconstraint parameter, withholding the GPS spoofing alert from beingprovided to the electronic logging device until the deviation distanceexceeds the allowable deviation distance.
 7. A method comprising:identifying, by a network server executing a processor, a mobiletransportation equipment comprising an electronic logging device and alow-power wide area device, wherein the electronic logging deviceobtains global positioning system (GPS) location data from a GPSreceiver unit and the low-power wide area device obtains independentlocation data via a narrow band path of a low-power wide area network;obtaining, by the network server, the GPS location data and theindependent location data; determining, by the network server, that aspatio-temporal misalignment exists between the independent locationdata and the GPS location data for the mobile transportation equipment;providing, by the network server, spatio-temporal data alignment thatgenerates electronic logging device estimates and low-power wide areadevice estimates; determining, by the network server, that a GPSspoofing attack has occurred based on the electronic logging deviceestimates and the low-power wide area device estimates; creating, by thenetwork server, a GPS spoofing alert for the mobile transportationequipment; and generating, by the network server, an hours of servicecorrection command that includes the GPS spoofing alert, wherein thehours of service correction command instructs the electronic loggingdevice to update an hours of service log with corrected route data andspoofing time identifiers corresponding to the GPS spoofing attack. 8.The method of claim 7, wherein the independent location data includesmobile terminal location response data that is joined to local datasensor measurements.
 9. The method of claim 7, wherein the electroniclogging device maintains an hours of service record that tracks movementof the mobile transportation equipment based on the GPS location data.10. The method of claim 7, further comprising: detecting, by the networkserver, that an off-duty driving mode was activated on the mobiletransportation equipment; and obtaining, by the network server, alocation obfuscation constraint parameter that defines an allowabledeviation distance for the mobile transportation equipment.
 11. Themethod of claim 10, further comprising in response to determining that adeviation distance exceeds the allowable deviation distance provided bythe location obfuscation constraint parameter, generating, by thenetwork server, the corrected route data representing an actual locationof the mobile transportation equipment during the GPS spoofing attack.12. The method of claim 10, further comprising in response todetermining that a deviation distance does not exceed the allowabledeviation distance provided by the location obfuscation constraintparameter, withholding, by the network server, the GPS spoofing alertfrom being provided to the electronic logging device until the deviationdistance exceeds the allowable deviation distance.
 13. A computerstorage medium having computer-executable instructions stored thereonthat, in response to execution by a processor, causes the processor toperform operations comprising: identifying a mobile transportationequipment comprising an electronic logging device and a low-power widearea device, wherein the electronic logging device obtains globalpositioning system (GPS) location data from a GPS receiver unit and thelow-power wide area device obtains independent location data via anarrow band path of a low-power wide area network; obtaining the GPSlocation data and the independent location data; determining that aspatio-temporal misalignment exists between the independent locationdata and the GPS location data for the mobile transportation equipment;providing spatio-temporal data alignment that generates electroniclogging device estimates and low-power wide area device estimates;determining that a GPS spoofing attack has occurred based on theelectronic logging device estimates and the low-power wide area deviceestimates; creating a GPS spoofing alert for the mobile transportationequipment; and generating an hours of service correction command thatincludes the GPS spoofing alert, wherein the hours of service correctioncommand instructs the electronic logging device to update an hours ofservice log with corrected route data and spoofing time identifierscorresponding to the GPS spoofing attack.
 14. The computer storagemedium of claim 13, wherein the independent location data includesmobile terminal location response data that is joined to local datasensor measurements.
 15. The computer storage medium of claim 13,wherein the operations further comprise: detecting that an off-dutydriving mode was activated on the mobile transportation equipment; andobtaining a location obfuscation constraint parameter that defines anallowable deviation distance for the mobile transportation equipment.16. The computer storage medium of claim 15, wherein the operationsfurther comprise in response to determining that a deviation distanceexceeds the allowable deviation distance provided by the locationobfuscation constraint parameter, generating the corrected route datarepresenting an actual location of the mobile transportation equipmentduring the GPS spoofing attack.
 17. The computer storage medium of claim15, wherein the operations further comprise in response to determiningthat a deviation distance does not exceed the allowable deviationdistance provided by the location obfuscation constraint parameter,withholding the GPS spoofing alert from being provided to the electroniclogging device until the deviation distance exceeds the allowabledeviation distance.